2. Agenda
● Introduction
● FIDO2 Authentication
● FIDO2 APIs for Android
● FIDO2 APIs for iOS
● Reference
3. Introduction
● Authentication is often described as the process of
“verifying that a user is who he claims to be”.
4. The 60s: Password
● Any password-based authentication system needs to
store passwords somewhere in order to validate them
against a user’s input.
5. The 70s: Password Hashing
● Used a cryptographic concept called a hash function
to store passwords.
6. Mid-70s: Public-key cryptography
● Public-key or Asymmetric Cryptography involves two
keys:
○ Public key that you can safely share with the world
to help identify yourself
○ Private key you use to sign things, thus verifying
your identity.
8. The 80s: One-time passwords
● A one-time password (OTP) is a password that is valid
for only one login session or transaction, on a
computer system or other digital device.
9. The 90s: Public-Key Infrastructure
● A set of technologies and standards that manage the
creation, storage, and distribution of keys or digital
certificates.
10. Mid-90s detour: CAPTCHAs
● A CAPTCHA (Completely Automated Public Turing test
to tell Computers and Humans Apart) is a type of
challenge–response test used in computing to determine
whether or not the user is human.
● We can use CAPTCHAs to prevent some automated
authentication attacks.
11. The 2000s: Multi-factor authentication
● Multi-factor authentication (MFA) is an authentication
method that requires the user to provide two or more
verification factors to gain access to a resource.
12. The 2010s: The smartphone era
● The ubiquitous nature of smartphones brought two
previously less-attainable authentication technologies to
the masses: biometrics and 2FA.
14. FIDO2 Authentication
● FIDO2 (Fast Identity Online) uses public-key cryptography
to provide strong passwordless authentication to end-users.
● FIDO2 is the name given to the combination of two
specifications.
○ WebAuthn (Web Authentication)
○ CTAP (Client to Authenticator Protocol)
24. FIDO2 APIs for iOS
● Safari supports NFC, USB, and Lightning FIDO2-Compliant
Security Keys in iOS 13.3
● Safari supports password-less logins via Face ID and Touch ID
on iOS 14