SlideShare a Scribd company logo

apidays LIVE Paris 2021 - Identification & Authentication for Individuals with API at eIDAS Substantial Security Level by Nicolas Bigand, Groupe La Poste

apidays
apidays

apidays LIVE Paris 2021 - APIs and the Future of Software December 7, 8 & 9, 2021 Identification & Authentication for Individuals with API at eIDAS Substantial Security Level Nicolas Bigand, CTO & COO at L'identité Numérique La Poste at Groupe La Poste

Technology
1 of 25
Download to read offline
1
2 In ch a rg e of • Research • Architecture • Development • Security &Conformity • Technicalsupport for Customer &Business Nicola s BIGAND CTO & COO – L’Id e n tité Nu m é riq u e La P oste Exp e rie n ce s • 2 years at La Poste • 15 Years at Thales in cybersecurity: Develop & Launch >10 high security level products
= Digital proof of identity How ca n you ve rify on lin e th e id e n tity of n e w cu stom e rs? Which problem do we solve ?
Ou r Se cu rity Le ve l = e IDAS Su b sta n tia l Le ve l of a ssu ra n ce Our differentiation?
New York JULY Australia SEPTEMBER Singapore APRIL Helsinki & North MARCH Paris DECEMBER London OCTOBER Jakarta FEBRUARY Hong Kong AUGUST JUNE India MAY Check out our API Conferences here 50+ events since 2012, 14 countries, 2,000+ speakers, 50,000+ attendees, 300k+ online community Want to talk at one of our conferences? Apply to speak here
EU regulation on electronic identification and trust services for electronic transactions ANSSI, the French NationalSecurity Agency has developed a certification and qualification process for French companies W h a t is e IDAS re g u la tio n ? How d oe s it a p p ly in Fra n ce ? EIDAS fra m e s d ig ita l id e n titie s in Eu rop e ANSSI g u a ra n te e s th e se rvice s se cu rity in Fra n ce L’Identité Numérique La Poste i s the only eIDAS substantial identity qualified by ANSSI in France
Hig h le ve l Stronger security constraints: • Physical Token • Restricted access • Smart IDcard Low le ve l Single factor : login&password Su b sta n tia l le ve l Proof of Identity & 2 factors authentication e IDAS Se cu rity EQUALto sovereign process face-to-face No guarantee of identity EQUALto banking face-to- face Te ch n olog y + - Se c u rit y + - Us e r e xp e rie n c e e IDAS : 3 Le ve ls of Assu ra n ce
Hig h le ve l Sovereign uses Ex: borders, administration Low le ve l Connection to unregulated websites Su b sta n tia l le ve l Ap p lica tion Onboarding, KYC, Management acts Advanced signature …. Co ve rs m o s t b u s in e s s id e n t ific a t io n n e e d s e IDAS : 3 Le ve ls of Assu ra n ce
Public sector Banking Insurrance Sharing economy Gambling E-commerce Postal &deliveryservices Health And more… Signature Data sharing Identification/Onboarding &Authentication Physicalaccess Authorization Ma n y se ctors n e e d a tru ste d id e n tifica tion solu tion in p a rticu la r th ose su b je ct to strict or e volvin g re g u la tory fra m e w orks
How d oe s L’Id e n tité Nu m é riq u e La P oste w ork? IDENTITY VERIFICATION AT SUBSTANTIAL LEVEL At home Poste office Online CERTIFIED PERSONAL DATA A UNIVERSAL KEY Substantial eIDAS Qualified by ANSSI Strong Authentication (DSP2) STRONG AUTHENTICATION APP Fo r Org a n iza t io n s Fo r Us e rs A DIGITAL PROOF OF IDENTITY Fo r b o t h An easy and secure way to prove your identity and access hundreds of online services
Fo r Org a n iza t io n s Fo r Us e rs Asingle IDand password to remember that connect to multiple online services Atime saving solution Afraud and identity theft protection Digital proof of identity compliant with regulations Strong authentication Fraud and Identity Theft Protection Certified identity data Contact details verified Productivitygains Streamlined customer journey Improved user experience Th e b e n e fits for you r com p a n y a n d cu stom e rs a re n u m e rou s
Exa m p le of on lin e su b scrip tion to a se rvice AP P LICATION Certaines données vont être transm ises Besoin d’ aide CGU Accessibilité M entions légales Charte informatique et liberté Gérer mes cookies Continuer Informations de profil Informations de naissance Informations de contacts Vous pouvez annuler le partage de vos données à tout moment, rendez vous sur la Charte informatique et liberté Confirm ez sur l’application +33 678 90 34 56 Modifier Une action est enattente Cliquez sur la notification ou ouvrezl’application L’Identité Numérique. Besoin d’ aide CGU Accessibilité M entions légales Charte informatique et liberté Gérer mes cookies Identifiez-vous pourvous connecter à FranceConnect S’ identifier +33 Numéro de mobile J’ aichangé denuméro Vousn’ avez pas encore d’ Identité Numérique ? Découvrir L’Identité Numérique La Poste Besoin d’ aide CGU Accessibilité M entions légales Charte informatique et liberté Gérer mes cookies Identification Button to click PIN Code Data sharing consent Data received by website YOUR W EBSITE YOUR W EBSITE
Ou r AP I stra te g y: a solu tion b u ilt on m od e rn a n d se cu re sta n d a rd s
L’IDENTITE NUMERIQUE BACK L’IDENTITE NUMERIQUE APPLICATION CLIENT FRONT W EB SITE CLIENT BACK Front Back 1. Add L’Ide ntité Num é rique button 2. Adapt clie nt your journe y 2. Call the API L’Identité Numérique  Only 4 REST requests for all the journey JW T CLIENT How to in te g ra te ou r AP I?
Securing OpenID Connect protocols (ANSSI guide) Securing TLS exchanges (ANSSIguide) Secure Mobile / backend communications: Solution with an ANSSICSPN Perimeter security: Firewalls, Waf Security by redundancy: Full localredundancy +redundancyof ISO27001Docaposte Datacenter Regular audit &pentesting of APIby accredited auditor (PASSI) Process MCO&MCS : Automatic securitysupervision &regular patch management Risk analysis type ebios and peer review for each evolutions of the system Supervision done by a SOC and a NOC (with a dedicated SIEM) Se c u rit y b y De s ig n Se c u rit y d u rin g Life c yc le AP I se cu rity
Online gambling Banking Health Public sector E-commerce Parcelcollection Electronic signature Simpler registration process Simpler online subscription process Simpler patient registration process Easier access to more than 1.000 online services via FranceConnect Faster receiving process for registered electronic mail Gain in productivity Faster integration (less than a week) Clie n t fe e d b a cks
A m ulti-business Group : 4 b u sin e ss lin e s + 23.0 0 0 clients 50 0 0 em ployees 80 0 m illion s in revenue ALL data centers in France A fully public com pany ParcelMail Services GeoPost La Banque Postale Retailcustomers and digital business unit 24 9 0 0 0 em ployees 21,6 b illion Item s delivered per year worldwide € 31b illion In consolidated revenue (30% abroad) 17 0 0 0 Retail outlets nationwide L’Id e n tité Nu m é riq u e , a se rvice p rovid e d b y th e Fre n ch p osta l se rvice com p a n y La P oste a solu tion d istrib u te d b y DOCAP OSTE
17 Docaposte Contact Thanks for your attention . Let’s keep in touch . Nicolas BIGAND Chief Technical Officer & COO n icola s.b ig a n d @la p oste .fr Antoine D’HEBRAIL Marketing & Sales Director a n toin e .d -h e b ra il@la p oste .fr
P. 18 The client identifies himself The client opens his application AtemporaryQR code is generated I am facing a human, Iauthenticate myself and Ipresent my QRcode so that the bank advisor can scan it L’Id e n tité Nu m é riq u e La P oste is e q u iva le n t to a n ID d ocu m e n t in th e p h ysica l w orld too
1. L’Identité Numérique integration process 1.1. A service compliant with OpenID Connect standards /authorize /token /userinfos Signout Service provider Site (Client) Autorisation code Access_token Id_token Oauth2 • Client_id / • client_secret • Clé OKAPI OKAPI Ap i Man ag e r 1 2 3 4 OpenID Connect
1. L’Identité Numérique integration process 1.2 Four APIs to integrate L’Identité Numérique Reply Request GET /authorize User login 1 POST/token Récupération des jetons d’accès 2 GET / userinfo Collecting access tokens 3 POST /signout Userlogout 4 The client makesa call to theendpoint / authorize of the IN, providing its client_id andits callback url asparameters. The client makesa call tothis API todisconnect the user, by providing set the user'saccess_token The client makesa call tothis API toretrieve user data, providing the user'saccess_token as aparameter The client makesa call toretrieve the access_token and the id_token, providing the authorization code received during the 1strequest as aparameter. After authenticating (1FA and 2FA), the user is redirected to the partner site (customer) via a 302 redirection. An authorization code is provided as aparameter of the URL • Access_token : authorization token linked to the user to accessthe variousresources & APIs of L’identité Numérique • ID_token: signedtoken containing the user'sidentity data in the form of a JWT ( Json WebToken). Return ofuser identity data and other information (claims) requested / authorized in the form of a json response Code 204, the useris loggedout
2. User data recovery 2.1.Two methods to recover data - JWT TheOpendIDConnectprotocol offered by L’Identité Numériqueallowsthe partner to retrieve the identity data of theauthenticated user in theform of aJson WebToken. The J WTis a signed token which means: • That the data transmitted has not beenmodified • That the data has beentransmitted by L’Identité Numérique Two signature algorithms available HS256and RS256 . Once decoded using tools or libraries available on the internet, the identity data and user information are exposed in the J SON payload, as well as the token metadata The La Poste public keyto verify the signature of the J WTis available at this address: • Sandbox: https://integration.compte.laposte.fr/key/public.pem • Production: https://compte.laposte.fr/key/public.pem User datawill bethoserequestedin theclaims duringthe first call to theendpoint/ authorize JSON WEB TOKEN (JWT) { "sub": "5577832670193", "email": "tests.reex10@yopmail.com", "email_verified": true, "acr": "eidas1", "given_name ": "Claire Marie", "family_name ": "Dupont", birthplace": "075110", "auth_time": 1568042343, "iat": 1568042343, "nbf": 1568042343, "exp": 1568042943, "jti": "gek6EJW -fyVzgcaYGOHqWgJXmM0wx6mXjw", "iss": "https://integration.compte.laposte.fr", "at_hash": "noaccesstoken", "aud": "FRANCECONNECT" } Extract
2. User data recovery 2.2. Two methods to recover data – endpoint /userinfo User datacanbe retrieved by API via a specific endpoint: / userinfos . Theyallow to be exposed in a J SONresponse, in exchange for the user's access_token. Aswith the JWT, theuser'sdata will bethoserequestedin the claimsduringthe first call to theendpoint/ authorize Endpoint / userinfo { "sub": "5577832670193", "email": "tests.reex10@yopmail.com", "email_verified": true, "given_name ": "Claire Marie", "family_name ": "Dupont", "gender": " female", "birthdate": "1965 -12 -06", "birthplace": "075110", "acr": "eidas1", "amr": [ " pwd" ], "birthcountry": "99100", "auth_time": 1568078846, "nonce": "0i1db90e32ji5b8b9cb1849acd069R854", " iat": 1568078846, "nbf": 1568078846, "exp": 3136164858, "jti": "d3oyaBnCM1Q14hqyNrCVZ -8rQn3Qfw -aNA", " iss": "https://integration.compte.laposte.fr", "at_hash": "d4ytCrc3Ix3qbS_yRcohWA", "aud": «PARTENAIRE« } Extract
3. « Pivot » Identity data Define the desired data : claims and scopes Scope Définition openid the technical identifier ( sub ) of the user in OpenIDConnect format will be returned gender The person's gender will be returned birthdate The person's date of birth will be returned birthplace The person's city of birth will be returned given_name The person's first names will be returned , separated by a space family_name The person's birth name will be returned email the person's email address will be returned phone the person's phone number will be returned • User datais translated into the Oauth2languageby the claims. Theseclaims canconstitute : ○ Theuser’s« pivot » identity data ○ Variousinformation about the user ○ Authentication context data • At the start of the authentication sequence, whencalling GET to / authorize, the client mustspecify the claims they wish to recover • Thenumberand type of claimsrequested may be different in the id_token and in the API responsefrom the endpoint: / userinfo • Claimscanbe groupedinto scopes,here is the list :
New York JULY Australia SEPTEMBER Singapore APRIL Helsinki & North MARCH Paris DECEMBER London OCTOBER Jakarta FEBRUARY Hong Kong AUGUST JUNE India MAY Check out our API Conferences here 50+ events since 2012, 14 countries, 2,000+ speakers, 50,000+ attendees, 300k+ online community Want to talk at one of our conferences? Apply to speak here

Recommended

apidays LIVE Paris 2021 - Data privacy in the era of cloud native app by Guil...
apidays LIVE Paris 2021 - Data privacy in the era of cloud native app by Guil...apidays LIVE Paris 2021 - Data privacy in the era of cloud native app by Guil...
apidays LIVE Paris 2021 - Data privacy in the era of cloud native app by Guil...
apidays
 
apidays LIVE Paris 2021 - How password managers are built for Privacy and Sec...
apidays LIVE Paris 2021 - How password managers are built for Privacy and Sec...apidays LIVE Paris 2021 - How password managers are built for Privacy and Sec...
apidays LIVE Paris 2021 - How password managers are built for Privacy and Sec...
apidays
 
apidays LIVE Australia 2021 - Levelling up database security by thinking in A...
apidays LIVE Australia 2021 - Levelling up database security by thinking in A...apidays LIVE Australia 2021 - Levelling up database security by thinking in A...
apidays LIVE Australia 2021 - Levelling up database security by thinking in A...
apidays
 
INTERFACE, by apidays - Lessons learned from implementing our custom ‘Big Da...
INTERFACE, by apidays - Lessons learned from implementing our custom ‘Big Da...INTERFACE, by apidays - Lessons learned from implementing our custom ‘Big Da...
INTERFACE, by apidays - Lessons learned from implementing our custom ‘Big Da...
apidays
 
APidays Paris 2019 - API-First vs Data Driven Architecture by Jerome Louvel, ...
APidays Paris 2019 - API-First vs Data Driven Architecture by Jerome Louvel, ...APidays Paris 2019 - API-First vs Data Driven Architecture by Jerome Louvel, ...
APidays Paris 2019 - API-First vs Data Driven Architecture by Jerome Louvel, ...
apidays
 
7.Trust Management
7.Trust Management7.Trust Management
7.Trust Managementphanleson
 
apidays LIVE Hong Kong 2021 - Digital Identity Centric Approach to Accelerate...
apidays LIVE Hong Kong 2021 - Digital Identity Centric Approach to Accelerate...apidays LIVE Hong Kong 2021 - Digital Identity Centric Approach to Accelerate...
apidays LIVE Hong Kong 2021 - Digital Identity Centric Approach to Accelerate...
apidays
 
Does your API need to be PCI Compliant?
Does your API need to be PCI Compliant?Does your API need to be PCI Compliant?
Does your API need to be PCI Compliant?
Apigee | Google Cloud
 

Recommended

apidays LIVE Paris 2021 - Data privacy in the era of cloud native app by Guil...
apidays LIVE Paris 2021 - Data privacy in the era of cloud native app by Guil...apidays LIVE Paris 2021 - Data privacy in the era of cloud native app by Guil...
apidays LIVE Paris 2021 - Data privacy in the era of cloud native app by Guil...
apidays
 
apidays LIVE Paris 2021 - How password managers are built for Privacy and Sec...
apidays LIVE Paris 2021 - How password managers are built for Privacy and Sec...apidays LIVE Paris 2021 - How password managers are built for Privacy and Sec...
apidays LIVE Paris 2021 - How password managers are built for Privacy and Sec...
apidays
 
apidays LIVE Australia 2021 - Levelling up database security by thinking in A...
apidays LIVE Australia 2021 - Levelling up database security by thinking in A...apidays LIVE Australia 2021 - Levelling up database security by thinking in A...
apidays LIVE Australia 2021 - Levelling up database security by thinking in A...
apidays
 
INTERFACE, by apidays - Lessons learned from implementing our custom ‘Big Da...
INTERFACE, by apidays - Lessons learned from implementing our custom ‘Big Da...INTERFACE, by apidays - Lessons learned from implementing our custom ‘Big Da...
INTERFACE, by apidays - Lessons learned from implementing our custom ‘Big Da...
apidays
 
APidays Paris 2019 - API-First vs Data Driven Architecture by Jerome Louvel, ...
APidays Paris 2019 - API-First vs Data Driven Architecture by Jerome Louvel, ...APidays Paris 2019 - API-First vs Data Driven Architecture by Jerome Louvel, ...
APidays Paris 2019 - API-First vs Data Driven Architecture by Jerome Louvel, ...
apidays
 
7.Trust Management
7.Trust Management7.Trust Management
7.Trust Managementphanleson
 
apidays LIVE Hong Kong 2021 - Digital Identity Centric Approach to Accelerate...
apidays LIVE Hong Kong 2021 - Digital Identity Centric Approach to Accelerate...apidays LIVE Hong Kong 2021 - Digital Identity Centric Approach to Accelerate...
apidays LIVE Hong Kong 2021 - Digital Identity Centric Approach to Accelerate...
apidays
 
Does your API need to be PCI Compliant?
Does your API need to be PCI Compliant?Does your API need to be PCI Compliant?
Does your API need to be PCI Compliant?
Apigee | Google Cloud
 
apidays LIVE London 2021 - Are VRPs the killer open banking app? by Chris Mic...
apidays LIVE London 2021 - Are VRPs the killer open banking app? by Chris Mic...apidays LIVE London 2021 - Are VRPs the killer open banking app? by Chris Mic...
apidays LIVE London 2021 - Are VRPs the killer open banking app? by Chris Mic...
apidays
 
apidays LIVE London 2021 - Open Insurance & Smart Contracts by Giovanni Lesna...
apidays LIVE London 2021 - Open Insurance & Smart Contracts by Giovanni Lesna...apidays LIVE London 2021 - Open Insurance & Smart Contracts by Giovanni Lesna...
apidays LIVE London 2021 - Open Insurance & Smart Contracts by Giovanni Lesna...
apidays
 
APIdays Helsinki 2019 - Connect your Application to Finnish Trust Network wit...
APIdays Helsinki 2019 - Connect your Application to Finnish Trust Network wit...APIdays Helsinki 2019 - Connect your Application to Finnish Trust Network wit...
APIdays Helsinki 2019 - Connect your Application to Finnish Trust Network wit...
apidays
 
apidays LIVE New York 2021 - Solving API security through holistic obervabili...
apidays LIVE New York 2021 - Solving API security through holistic obervabili...apidays LIVE New York 2021 - Solving API security through holistic obervabili...
apidays LIVE New York 2021 - Solving API security through holistic obervabili...
apidays
 
apidays LIVE New York 2021 - Top 10 API security threats every API team shoul...
apidays LIVE New York 2021 - Top 10 API security threats every API team shoul...apidays LIVE New York 2021 - Top 10 API security threats every API team shoul...
apidays LIVE New York 2021 - Top 10 API security threats every API team shoul...
apidays
 
apidays LIVE New York 2021 - Microservice Authorization with Open Policy Agen...
apidays LIVE New York 2021 - Microservice Authorization with Open Policy Agen...apidays LIVE New York 2021 - Microservice Authorization with Open Policy Agen...
apidays LIVE New York 2021 - Microservice Authorization with Open Policy Agen...
apidays
 
Identity Live Paris 2017 | Monetising Digital Customer Relationships
Identity Live Paris 2017 | Monetising Digital Customer RelationshipsIdentity Live Paris 2017 | Monetising Digital Customer Relationships
Identity Live Paris 2017 | Monetising Digital Customer Relationships
ForgeRock
 
apidays LIVE New York 2021 - API Management from a network Engineer's perspec...
apidays LIVE New York 2021 - API Management from a network Engineer's perspec...apidays LIVE New York 2021 - API Management from a network Engineer's perspec...
apidays LIVE New York 2021 - API Management from a network Engineer's perspec...
apidays
 
Banking is Now More Open: Open Banking Update
Banking is Now More Open: Open Banking UpdateBanking is Now More Open: Open Banking Update
Banking is Now More Open: Open Banking Update
MikeLeszcz
 
APIdays Paris 2019 - Zero Downtime in API Management by Waldemar Rosenfeld, A...
APIdays Paris 2019 - Zero Downtime in API Management by Waldemar Rosenfeld, A...APIdays Paris 2019 - Zero Downtime in API Management by Waldemar Rosenfeld, A...
APIdays Paris 2019 - Zero Downtime in API Management by Waldemar Rosenfeld, A...
apidays
 
APIs for... Your Mom
APIs for... Your MomAPIs for... Your Mom
APIs for... Your Mom
Carlo Longino
 
Identity Federation Patterns with WSO2 Identity Server​
Identity Federation Patterns with WSO2 Identity Server​Identity Federation Patterns with WSO2 Identity Server​
Identity Federation Patterns with WSO2 Identity Server​
WSO2
 
apidays LIVE London 2021 - Leveraging Webauthn for Payments by Chris Wood
apidays LIVE London 2021 - Leveraging Webauthn for Payments by Chris Woodapidays LIVE London 2021 - Leveraging Webauthn for Payments by Chris Wood
apidays LIVE London 2021 - Leveraging Webauthn for Payments by Chris Wood
apidays
 
apidays LIVE New York 2021 - Simplify Open Policy Agent with Styra DAS by Tim...
apidays LIVE New York 2021 - Simplify Open Policy Agent with Styra DAS by Tim...apidays LIVE New York 2021 - Simplify Open Policy Agent with Styra DAS by Tim...
apidays LIVE New York 2021 - Simplify Open Policy Agent with Styra DAS by Tim...
apidays
 
2015 Identity Summit - The Identity Broker as Driver for Growth
2015 Identity Summit - The Identity Broker as Driver for Growth2015 Identity Summit - The Identity Broker as Driver for Growth
2015 Identity Summit - The Identity Broker as Driver for Growth
ForgeRock
 
WSO2 IoT Server and Device Cloud
WSO2 IoT Server and Device CloudWSO2 IoT Server and Device Cloud
WSO2 IoT Server and Device Cloud
WSO2
 
McKesson Case Study: Pharmacy Systems & Automation
McKesson Case Study: Pharmacy Systems & AutomationMcKesson Case Study: Pharmacy Systems & Automation
McKesson Case Study: Pharmacy Systems & Automation
ForgeRock
 
Open Banking via API Connect & DataPower
Open Banking via API Connect & DataPowerOpen Banking via API Connect & DataPower
Open Banking via API Connect & DataPower
IBM DataPower Gateway
 
[WSO2 Integration Summit Nairobi 2019] Case Study - Telkom Kenya
[WSO2 Integration Summit Nairobi 2019] Case Study - Telkom Kenya[WSO2 Integration Summit Nairobi 2019] Case Study - Telkom Kenya
[WSO2 Integration Summit Nairobi 2019] Case Study - Telkom Kenya
WSO2
 
Adding Liveliness to Banking Experiences
Adding Liveliness to Banking ExperiencesAdding Liveliness to Banking Experiences
Adding Liveliness to Banking Experiences
WSO2
 
What is self-sovereign identity (SSI)?
What is self-sovereign identity (SSI)?What is self-sovereign identity (SSI)?
What is self-sovereign identity (SSI)?
Evernym
 
Loqr
LoqrLoqr
Loqr
Caixa Geral Depósitos
 

More Related Content

What's hot

apidays LIVE London 2021 - Are VRPs the killer open banking app? by Chris Mic...
apidays LIVE London 2021 - Are VRPs the killer open banking app? by Chris Mic...apidays LIVE London 2021 - Are VRPs the killer open banking app? by Chris Mic...
apidays LIVE London 2021 - Are VRPs the killer open banking app? by Chris Mic...
apidays
 
apidays LIVE London 2021 - Open Insurance & Smart Contracts by Giovanni Lesna...
apidays LIVE London 2021 - Open Insurance & Smart Contracts by Giovanni Lesna...apidays LIVE London 2021 - Open Insurance & Smart Contracts by Giovanni Lesna...
apidays LIVE London 2021 - Open Insurance & Smart Contracts by Giovanni Lesna...
apidays
 
APIdays Helsinki 2019 - Connect your Application to Finnish Trust Network wit...
APIdays Helsinki 2019 - Connect your Application to Finnish Trust Network wit...APIdays Helsinki 2019 - Connect your Application to Finnish Trust Network wit...
APIdays Helsinki 2019 - Connect your Application to Finnish Trust Network wit...
apidays
 
apidays LIVE New York 2021 - Solving API security through holistic obervabili...
apidays LIVE New York 2021 - Solving API security through holistic obervabili...apidays LIVE New York 2021 - Solving API security through holistic obervabili...
apidays LIVE New York 2021 - Solving API security through holistic obervabili...
apidays
 
apidays LIVE New York 2021 - Top 10 API security threats every API team shoul...
apidays LIVE New York 2021 - Top 10 API security threats every API team shoul...apidays LIVE New York 2021 - Top 10 API security threats every API team shoul...
apidays LIVE New York 2021 - Top 10 API security threats every API team shoul...
apidays
 
apidays LIVE New York 2021 - Microservice Authorization with Open Policy Agen...
apidays LIVE New York 2021 - Microservice Authorization with Open Policy Agen...apidays LIVE New York 2021 - Microservice Authorization with Open Policy Agen...
apidays LIVE New York 2021 - Microservice Authorization with Open Policy Agen...
apidays
 
Identity Live Paris 2017 | Monetising Digital Customer Relationships
Identity Live Paris 2017 | Monetising Digital Customer RelationshipsIdentity Live Paris 2017 | Monetising Digital Customer Relationships
Identity Live Paris 2017 | Monetising Digital Customer Relationships
ForgeRock
 
apidays LIVE New York 2021 - API Management from a network Engineer's perspec...
apidays LIVE New York 2021 - API Management from a network Engineer's perspec...apidays LIVE New York 2021 - API Management from a network Engineer's perspec...
apidays LIVE New York 2021 - API Management from a network Engineer's perspec...
apidays
 
Banking is Now More Open: Open Banking Update
Banking is Now More Open: Open Banking UpdateBanking is Now More Open: Open Banking Update
Banking is Now More Open: Open Banking Update
MikeLeszcz
 
APIdays Paris 2019 - Zero Downtime in API Management by Waldemar Rosenfeld, A...
APIdays Paris 2019 - Zero Downtime in API Management by Waldemar Rosenfeld, A...APIdays Paris 2019 - Zero Downtime in API Management by Waldemar Rosenfeld, A...
APIdays Paris 2019 - Zero Downtime in API Management by Waldemar Rosenfeld, A...
apidays
 
APIs for... Your Mom
APIs for... Your MomAPIs for... Your Mom
APIs for... Your Mom
Carlo Longino
 
Identity Federation Patterns with WSO2 Identity Server​
Identity Federation Patterns with WSO2 Identity Server​Identity Federation Patterns with WSO2 Identity Server​
Identity Federation Patterns with WSO2 Identity Server​
WSO2
 
apidays LIVE London 2021 - Leveraging Webauthn for Payments by Chris Wood
apidays LIVE London 2021 - Leveraging Webauthn for Payments by Chris Woodapidays LIVE London 2021 - Leveraging Webauthn for Payments by Chris Wood
apidays LIVE London 2021 - Leveraging Webauthn for Payments by Chris Wood
apidays
 
apidays LIVE New York 2021 - Simplify Open Policy Agent with Styra DAS by Tim...
apidays LIVE New York 2021 - Simplify Open Policy Agent with Styra DAS by Tim...apidays LIVE New York 2021 - Simplify Open Policy Agent with Styra DAS by Tim...
apidays LIVE New York 2021 - Simplify Open Policy Agent with Styra DAS by Tim...
apidays
 
2015 Identity Summit - The Identity Broker as Driver for Growth
2015 Identity Summit - The Identity Broker as Driver for Growth2015 Identity Summit - The Identity Broker as Driver for Growth
2015 Identity Summit - The Identity Broker as Driver for Growth
ForgeRock
 
WSO2 IoT Server and Device Cloud
WSO2 IoT Server and Device CloudWSO2 IoT Server and Device Cloud
WSO2 IoT Server and Device Cloud
WSO2
 
McKesson Case Study: Pharmacy Systems & Automation
McKesson Case Study: Pharmacy Systems & AutomationMcKesson Case Study: Pharmacy Systems & Automation
McKesson Case Study: Pharmacy Systems & Automation
ForgeRock
 
Open Banking via API Connect & DataPower
Open Banking via API Connect & DataPowerOpen Banking via API Connect & DataPower
Open Banking via API Connect & DataPower
IBM DataPower Gateway
 
[WSO2 Integration Summit Nairobi 2019] Case Study - Telkom Kenya
[WSO2 Integration Summit Nairobi 2019] Case Study - Telkom Kenya[WSO2 Integration Summit Nairobi 2019] Case Study - Telkom Kenya
[WSO2 Integration Summit Nairobi 2019] Case Study - Telkom Kenya
WSO2
 
Adding Liveliness to Banking Experiences
Adding Liveliness to Banking ExperiencesAdding Liveliness to Banking Experiences
Adding Liveliness to Banking Experiences
WSO2
 

What's hot (20)

apidays LIVE London 2021 - Are VRPs the killer open banking app? by Chris Mic...
apidays LIVE London 2021 - Are VRPs the killer open banking app? by Chris Mic...apidays LIVE London 2021 - Are VRPs the killer open banking app? by Chris Mic...
apidays LIVE London 2021 - Are VRPs the killer open banking app? by Chris Mic...
 
apidays LIVE London 2021 - Open Insurance & Smart Contracts by Giovanni Lesna...
apidays LIVE London 2021 - Open Insurance & Smart Contracts by Giovanni Lesna...apidays LIVE London 2021 - Open Insurance & Smart Contracts by Giovanni Lesna...
apidays LIVE London 2021 - Open Insurance & Smart Contracts by Giovanni Lesna...
 
APIdays Helsinki 2019 - Connect your Application to Finnish Trust Network wit...
APIdays Helsinki 2019 - Connect your Application to Finnish Trust Network wit...APIdays Helsinki 2019 - Connect your Application to Finnish Trust Network wit...
APIdays Helsinki 2019 - Connect your Application to Finnish Trust Network wit...
 
apidays LIVE New York 2021 - Solving API security through holistic obervabili...
apidays LIVE New York 2021 - Solving API security through holistic obervabili...apidays LIVE New York 2021 - Solving API security through holistic obervabili...
apidays LIVE New York 2021 - Solving API security through holistic obervabili...
 
apidays LIVE New York 2021 - Top 10 API security threats every API team shoul...
apidays LIVE New York 2021 - Top 10 API security threats every API team shoul...apidays LIVE New York 2021 - Top 10 API security threats every API team shoul...
apidays LIVE New York 2021 - Top 10 API security threats every API team shoul...
 
apidays LIVE New York 2021 - Microservice Authorization with Open Policy Agen...
apidays LIVE New York 2021 - Microservice Authorization with Open Policy Agen...apidays LIVE New York 2021 - Microservice Authorization with Open Policy Agen...
apidays LIVE New York 2021 - Microservice Authorization with Open Policy Agen...
 
Identity Live Paris 2017 | Monetising Digital Customer Relationships
Identity Live Paris 2017 | Monetising Digital Customer RelationshipsIdentity Live Paris 2017 | Monetising Digital Customer Relationships
Identity Live Paris 2017 | Monetising Digital Customer Relationships
 
apidays LIVE New York 2021 - API Management from a network Engineer's perspec...
apidays LIVE New York 2021 - API Management from a network Engineer's perspec...apidays LIVE New York 2021 - API Management from a network Engineer's perspec...
apidays LIVE New York 2021 - API Management from a network Engineer's perspec...
 
Banking is Now More Open: Open Banking Update
Banking is Now More Open: Open Banking UpdateBanking is Now More Open: Open Banking Update
Banking is Now More Open: Open Banking Update
 
APIdays Paris 2019 - Zero Downtime in API Management by Waldemar Rosenfeld, A...
APIdays Paris 2019 - Zero Downtime in API Management by Waldemar Rosenfeld, A...APIdays Paris 2019 - Zero Downtime in API Management by Waldemar Rosenfeld, A...
APIdays Paris 2019 - Zero Downtime in API Management by Waldemar Rosenfeld, A...
 
APIs for... Your Mom
APIs for... Your MomAPIs for... Your Mom
APIs for... Your Mom
 
Identity Federation Patterns with WSO2 Identity Server​
Identity Federation Patterns with WSO2 Identity Server​Identity Federation Patterns with WSO2 Identity Server​
Identity Federation Patterns with WSO2 Identity Server​
 
apidays LIVE London 2021 - Leveraging Webauthn for Payments by Chris Wood
apidays LIVE London 2021 - Leveraging Webauthn for Payments by Chris Woodapidays LIVE London 2021 - Leveraging Webauthn for Payments by Chris Wood
apidays LIVE London 2021 - Leveraging Webauthn for Payments by Chris Wood
 
apidays LIVE New York 2021 - Simplify Open Policy Agent with Styra DAS by Tim...
apidays LIVE New York 2021 - Simplify Open Policy Agent with Styra DAS by Tim...apidays LIVE New York 2021 - Simplify Open Policy Agent with Styra DAS by Tim...
apidays LIVE New York 2021 - Simplify Open Policy Agent with Styra DAS by Tim...
 
2015 Identity Summit - The Identity Broker as Driver for Growth
2015 Identity Summit - The Identity Broker as Driver for Growth2015 Identity Summit - The Identity Broker as Driver for Growth
2015 Identity Summit - The Identity Broker as Driver for Growth
 
WSO2 IoT Server and Device Cloud
WSO2 IoT Server and Device CloudWSO2 IoT Server and Device Cloud
WSO2 IoT Server and Device Cloud
 
McKesson Case Study: Pharmacy Systems & Automation
McKesson Case Study: Pharmacy Systems & AutomationMcKesson Case Study: Pharmacy Systems & Automation
McKesson Case Study: Pharmacy Systems & Automation
 
Open Banking via API Connect & DataPower
Open Banking via API Connect & DataPowerOpen Banking via API Connect & DataPower
Open Banking via API Connect & DataPower
 
[WSO2 Integration Summit Nairobi 2019] Case Study - Telkom Kenya
[WSO2 Integration Summit Nairobi 2019] Case Study - Telkom Kenya[WSO2 Integration Summit Nairobi 2019] Case Study - Telkom Kenya
[WSO2 Integration Summit Nairobi 2019] Case Study - Telkom Kenya
 
Adding Liveliness to Banking Experiences
Adding Liveliness to Banking ExperiencesAdding Liveliness to Banking Experiences
Adding Liveliness to Banking Experiences
 

Similar to apidays LIVE Paris 2021 - Identification & Authentication for Individuals with API at eIDAS Substantial Security Level by Nicolas Bigand, Groupe La Poste

What is self-sovereign identity (SSI)?
What is self-sovereign identity (SSI)?What is self-sovereign identity (SSI)?
What is self-sovereign identity (SSI)?
Evernym
 
Loqr
LoqrLoqr
Loqr
Caixa Geral Depósitos
 
Digital Identity Wallets: What They Mean For Banks
Digital Identity Wallets: What They Mean For BanksDigital Identity Wallets: What They Mean For Banks
Digital Identity Wallets: What They Mean For Banks
Evernym
 
The 10 most trusted authentication solution providers of 2021
The 10 most trusted authentication solution providers of 2021The 10 most trusted authentication solution providers of 2021
The 10 most trusted authentication solution providers of 2021
CIO Look Magazine
 
CASE STUDY ON PKI & BIOMETRIC BASED APPLICATION
CASE STUDY ON PKI & BIOMETRIC BASED APPLICATIONCASE STUDY ON PKI & BIOMETRIC BASED APPLICATION
CASE STUDY ON PKI & BIOMETRIC BASED APPLICATION
Pankaj Rane
 
Mature Digital Trust Infrastructure - Are we there yet?
Mature Digital Trust Infrastructure - Are we there yet?Mature Digital Trust Infrastructure - Are we there yet?
Mature Digital Trust Infrastructure - Are we there yet?
sorenpeter
 
Dollar_iSignthis brochures
Dollar_iSignthis brochuresDollar_iSignthis brochures
Dollar_iSignthis brochuresJohn Karantzis
 
Tradetech Hybrid MeetUp_N.Jaure_Onespan_210610
Tradetech Hybrid MeetUp_N.Jaure_Onespan_210610 Tradetech Hybrid MeetUp_N.Jaure_Onespan_210610
Tradetech Hybrid MeetUp_N.Jaure_Onespan_210610
FinTech Belgium
 
The Essence of Online ID Verification for Enhanced User Authentication.pdf
The Essence of Online ID Verification for Enhanced User Authentication.pdfThe Essence of Online ID Verification for Enhanced User Authentication.pdf
The Essence of Online ID Verification for Enhanced User Authentication.pdf
IDMERIT IDMERIT
 
TrustIDNow broshure
TrustIDNow broshureTrustIDNow broshure
TrustIDNow broshure
TrustIDnow
 
Consumer identity @ Tuesday Update on 1 December 2009
Consumer identity @ Tuesday Update on 1 December 2009Consumer identity @ Tuesday Update on 1 December 2009
Consumer identity @ Tuesday Update on 1 December 2009
wegdam
 
Re-using existing PKIs for online Identity Management
Re-using existing PKIs for online Identity ManagementRe-using existing PKIs for online Identity Management
Re-using existing PKIs for online Identity Management
Martijn Oostdijk
 
Ynamono Hs Lecture
Ynamono Hs LectureYnamono Hs Lecture
Ynamono Hs Lecture
ynamoto
 
An Introduction to Authentication for Applications
An Introduction to Authentication for ApplicationsAn Introduction to Authentication for Applications
An Introduction to Authentication for Applications
Ubisecure
 
Webinar: Protect Your Customers, Protect Yourself Learn How to Take Precautio...
Webinar: Protect Your Customers, Protect Yourself Learn How to Take Precautio...Webinar: Protect Your Customers, Protect Yourself Learn How to Take Precautio...
Webinar: Protect Your Customers, Protect Yourself Learn How to Take Precautio...
i2Coalition
 
Digital signatures, paving the way to a digital Europe_Arthur D Little_2014
Digital signatures, paving the way to a digital Europe_Arthur D Little_2014Digital signatures, paving the way to a digital Europe_Arthur D Little_2014
Digital signatures, paving the way to a digital Europe_Arthur D Little_2014
Market Engel SAS
 
Identity Verification API The Cornerstone of Digital Trust.docx
Identity Verification API The Cornerstone of Digital Trust.docxIdentity Verification API The Cornerstone of Digital Trust.docx
Identity Verification API The Cornerstone of Digital Trust.docx
rpacpc
 
Top-KYC-AML-Providers-for-startups-and-small-business.pdf
Top-KYC-AML-Providers-for-startups-and-small-business.pdfTop-KYC-AML-Providers-for-startups-and-small-business.pdf
Top-KYC-AML-Providers-for-startups-and-small-business.pdf
KYCAMLGuide
 
15155678396230.pdf
15155678396230.pdf15155678396230.pdf
15155678396230.pdfKabeela.life
 
Digital signature
Digital signatureDigital signature
Digital signature
Yash Karanke
 

Similar to apidays LIVE Paris 2021 - Identification & Authentication for Individuals with API at eIDAS Substantial Security Level by Nicolas Bigand, Groupe La Poste (20)

What is self-sovereign identity (SSI)?
What is self-sovereign identity (SSI)?What is self-sovereign identity (SSI)?
What is self-sovereign identity (SSI)?
 
Loqr
LoqrLoqr
Loqr
 
Digital Identity Wallets: What They Mean For Banks
Digital Identity Wallets: What They Mean For BanksDigital Identity Wallets: What They Mean For Banks
Digital Identity Wallets: What They Mean For Banks
 
The 10 most trusted authentication solution providers of 2021
The 10 most trusted authentication solution providers of 2021The 10 most trusted authentication solution providers of 2021
The 10 most trusted authentication solution providers of 2021
 
CASE STUDY ON PKI & BIOMETRIC BASED APPLICATION
CASE STUDY ON PKI & BIOMETRIC BASED APPLICATIONCASE STUDY ON PKI & BIOMETRIC BASED APPLICATION
CASE STUDY ON PKI & BIOMETRIC BASED APPLICATION
 
Mature Digital Trust Infrastructure - Are we there yet?
Mature Digital Trust Infrastructure - Are we there yet?Mature Digital Trust Infrastructure - Are we there yet?
Mature Digital Trust Infrastructure - Are we there yet?
 
Dollar_iSignthis brochures
Dollar_iSignthis brochuresDollar_iSignthis brochures
Dollar_iSignthis brochures
 
Tradetech Hybrid MeetUp_N.Jaure_Onespan_210610
Tradetech Hybrid MeetUp_N.Jaure_Onespan_210610 Tradetech Hybrid MeetUp_N.Jaure_Onespan_210610
Tradetech Hybrid MeetUp_N.Jaure_Onespan_210610
 
The Essence of Online ID Verification for Enhanced User Authentication.pdf
The Essence of Online ID Verification for Enhanced User Authentication.pdfThe Essence of Online ID Verification for Enhanced User Authentication.pdf
The Essence of Online ID Verification for Enhanced User Authentication.pdf
 
TrustIDNow broshure
TrustIDNow broshureTrustIDNow broshure
TrustIDNow broshure
 
Consumer identity @ Tuesday Update on 1 December 2009
Consumer identity @ Tuesday Update on 1 December 2009Consumer identity @ Tuesday Update on 1 December 2009
Consumer identity @ Tuesday Update on 1 December 2009
 
Re-using existing PKIs for online Identity Management
Re-using existing PKIs for online Identity ManagementRe-using existing PKIs for online Identity Management
Re-using existing PKIs for online Identity Management
 
Ynamono Hs Lecture
Ynamono Hs LectureYnamono Hs Lecture
Ynamono Hs Lecture
 
An Introduction to Authentication for Applications
An Introduction to Authentication for ApplicationsAn Introduction to Authentication for Applications
An Introduction to Authentication for Applications
 
Webinar: Protect Your Customers, Protect Yourself Learn How to Take Precautio...
Webinar: Protect Your Customers, Protect Yourself Learn How to Take Precautio...Webinar: Protect Your Customers, Protect Yourself Learn How to Take Precautio...
Webinar: Protect Your Customers, Protect Yourself Learn How to Take Precautio...
 
Digital signatures, paving the way to a digital Europe_Arthur D Little_2014
Digital signatures, paving the way to a digital Europe_Arthur D Little_2014Digital signatures, paving the way to a digital Europe_Arthur D Little_2014
Digital signatures, paving the way to a digital Europe_Arthur D Little_2014
 
Identity Verification API The Cornerstone of Digital Trust.docx
Identity Verification API The Cornerstone of Digital Trust.docxIdentity Verification API The Cornerstone of Digital Trust.docx
Identity Verification API The Cornerstone of Digital Trust.docx
 
Top-KYC-AML-Providers-for-startups-and-small-business.pdf
Top-KYC-AML-Providers-for-startups-and-small-business.pdfTop-KYC-AML-Providers-for-startups-and-small-business.pdf
Top-KYC-AML-Providers-for-startups-and-small-business.pdf
 
15155678396230.pdf
15155678396230.pdf15155678396230.pdf
15155678396230.pdf
 
Digital signature
Digital signatureDigital signature
Digital signature
 

More from apidays

Apidays Helsinki 2024 - APIs ahoy, the case of Customer Booking APIs in Finn...
Apidays Helsinki 2024 - APIs ahoy, the case of Customer Booking APIs in Finn...Apidays Helsinki 2024 - APIs ahoy, the case of Customer Booking APIs in Finn...
Apidays Helsinki 2024 - APIs ahoy, the case of Customer Booking APIs in Finn...
apidays
 
Apidays Helsinki 2024 - From Chaos to Calm- Navigating Emerging API Security...
Apidays Helsinki 2024 - From Chaos to Calm- Navigating Emerging API Security...Apidays Helsinki 2024 - From Chaos to Calm- Navigating Emerging API Security...
Apidays Helsinki 2024 - From Chaos to Calm- Navigating Emerging API Security...
apidays
 
Apidays Helsinki 2024 - What is next now that your organization created a (si...
Apidays Helsinki 2024 - What is next now that your organization created a (si...Apidays Helsinki 2024 - What is next now that your organization created a (si...
Apidays Helsinki 2024 - What is next now that your organization created a (si...
apidays
 
Apidays Helsinki 2024 - There’s no AI without API, but what does this mean fo...
Apidays Helsinki 2024 - There’s no AI without API, but what does this mean fo...Apidays Helsinki 2024 - There’s no AI without API, but what does this mean fo...
Apidays Helsinki 2024 - There’s no AI without API, but what does this mean fo...
apidays
 
Apidays Helsinki 2024 - Sustainable IT and API Performance - How to Bring The...
Apidays Helsinki 2024 - Sustainable IT and API Performance - How to Bring The...Apidays Helsinki 2024 - Sustainable IT and API Performance - How to Bring The...
Apidays Helsinki 2024 - Sustainable IT and API Performance - How to Bring The...
apidays
 
Apidays Helsinki 2024 - Security Vulnerabilities in your APIs by Lukáš Ďurovs...
Apidays Helsinki 2024 - Security Vulnerabilities in your APIs by Lukáš Ďurovs...Apidays Helsinki 2024 - Security Vulnerabilities in your APIs by Lukáš Ďurovs...
Apidays Helsinki 2024 - Security Vulnerabilities in your APIs by Lukáš Ďurovs...
apidays
 
Apidays Helsinki 2024 - Data, API’s and Banks, with AI on top by Sergio Giral...
Apidays Helsinki 2024 - Data, API’s and Banks, with AI on top by Sergio Giral...Apidays Helsinki 2024 - Data, API’s and Banks, with AI on top by Sergio Giral...
Apidays Helsinki 2024 - Data, API’s and Banks, with AI on top by Sergio Giral...
apidays
 
Apidays Helsinki 2024 - Data Ecosystems Driving the Green Transition by Olli ...
Apidays Helsinki 2024 - Data Ecosystems Driving the Green Transition by Olli ...Apidays Helsinki 2024 - Data Ecosystems Driving the Green Transition by Olli ...
Apidays Helsinki 2024 - Data Ecosystems Driving the Green Transition by Olli ...
apidays
 
Apidays Helsinki 2024 - Bridging the Gap Between Backend and Frontend API Tes...
Apidays Helsinki 2024 - Bridging the Gap Between Backend and Frontend API Tes...Apidays Helsinki 2024 - Bridging the Gap Between Backend and Frontend API Tes...
Apidays Helsinki 2024 - Bridging the Gap Between Backend and Frontend API Tes...
apidays
 
Apidays Helsinki 2024 - API Compliance by Design by Marjukka Niinioja, Osaango
Apidays Helsinki 2024 - API Compliance by Design by Marjukka Niinioja, OsaangoApidays Helsinki 2024 - API Compliance by Design by Marjukka Niinioja, Osaango
Apidays Helsinki 2024 - API Compliance by Design by Marjukka Niinioja, Osaango
apidays
 
Apidays Helsinki 2024 - ABLOY goes API economy – Transformation story by Hann...
Apidays Helsinki 2024 - ABLOY goes API economy – Transformation story by Hann...Apidays Helsinki 2024 - ABLOY goes API economy – Transformation story by Hann...
Apidays Helsinki 2024 - ABLOY goes API economy – Transformation story by Hann...
apidays
 
Apidays New York 2024 - The subtle art of API rate limiting by Josh Twist, Zuplo
Apidays New York 2024 - The subtle art of API rate limiting by Josh Twist, ZuploApidays New York 2024 - The subtle art of API rate limiting by Josh Twist, Zuplo
Apidays New York 2024 - The subtle art of API rate limiting by Josh Twist, Zuplo
apidays
 
Apidays New York 2024 - RESTful API Patterns and Practices by Mike Amundsen, ...
Apidays New York 2024 - RESTful API Patterns and Practices by Mike Amundsen, ...Apidays New York 2024 - RESTful API Patterns and Practices by Mike Amundsen, ...
Apidays New York 2024 - RESTful API Patterns and Practices by Mike Amundsen, ...
apidays
 
Apidays New York 2024 - Putting AI into API Security by Corey Ball, Moss Adams
Apidays New York 2024 - Putting AI into API Security by Corey Ball, Moss AdamsApidays New York 2024 - Putting AI into API Security by Corey Ball, Moss Adams
Apidays New York 2024 - Putting AI into API Security by Corey Ball, Moss Adams
apidays
 
Apidays New York 2024 - Prototype-first - A modern API development workflow b...
Apidays New York 2024 - Prototype-first - A modern API development workflow b...Apidays New York 2024 - Prototype-first - A modern API development workflow b...
Apidays New York 2024 - Prototype-first - A modern API development workflow b...
apidays
 
Apidays New York 2024 - Post-Quantum API Security by Francois Lascelles, Broa...
Apidays New York 2024 - Post-Quantum API Security by Francois Lascelles, Broa...Apidays New York 2024 - Post-Quantum API Security by Francois Lascelles, Broa...
Apidays New York 2024 - Post-Quantum API Security by Francois Lascelles, Broa...
apidays
 
Apidays New York 2024 - Increase your productivity with no-code GraphQL mocki...
Apidays New York 2024 - Increase your productivity with no-code GraphQL mocki...Apidays New York 2024 - Increase your productivity with no-code GraphQL mocki...
Apidays New York 2024 - Increase your productivity with no-code GraphQL mocki...
apidays
 
Apidays New York 2024 - Driving API & EDA Success by Marcelo Caponi, Danone
Apidays New York 2024 - Driving API & EDA Success by Marcelo Caponi, DanoneApidays New York 2024 - Driving API & EDA Success by Marcelo Caponi, Danone
Apidays New York 2024 - Driving API & EDA Success by Marcelo Caponi, Danone
apidays
 
Apidays New York 2024 - Build a terrible API for people you hate by Jim Benne...
Apidays New York 2024 - Build a terrible API for people you hate by Jim Benne...Apidays New York 2024 - Build a terrible API for people you hate by Jim Benne...
Apidays New York 2024 - Build a terrible API for people you hate by Jim Benne...
apidays
 
Apidays New York 2024 - API Secret Tokens Exposed by Tristan Kalos and Antoin...
Apidays New York 2024 - API Secret Tokens Exposed by Tristan Kalos and Antoin...Apidays New York 2024 - API Secret Tokens Exposed by Tristan Kalos and Antoin...
Apidays New York 2024 - API Secret Tokens Exposed by Tristan Kalos and Antoin...
apidays
 

More from apidays (20)

Apidays Helsinki 2024 - APIs ahoy, the case of Customer Booking APIs in Finn...
Apidays Helsinki 2024 - APIs ahoy, the case of Customer Booking APIs in Finn...Apidays Helsinki 2024 - APIs ahoy, the case of Customer Booking APIs in Finn...
Apidays Helsinki 2024 - APIs ahoy, the case of Customer Booking APIs in Finn...
 
Apidays Helsinki 2024 - From Chaos to Calm- Navigating Emerging API Security...
Apidays Helsinki 2024 - From Chaos to Calm- Navigating Emerging API Security...Apidays Helsinki 2024 - From Chaos to Calm- Navigating Emerging API Security...
Apidays Helsinki 2024 - From Chaos to Calm- Navigating Emerging API Security...
 
Apidays Helsinki 2024 - What is next now that your organization created a (si...
Apidays Helsinki 2024 - What is next now that your organization created a (si...Apidays Helsinki 2024 - What is next now that your organization created a (si...
Apidays Helsinki 2024 - What is next now that your organization created a (si...
 
Apidays Helsinki 2024 - There’s no AI without API, but what does this mean fo...
Apidays Helsinki 2024 - There’s no AI without API, but what does this mean fo...Apidays Helsinki 2024 - There’s no AI without API, but what does this mean fo...
Apidays Helsinki 2024 - There’s no AI without API, but what does this mean fo...
 
Apidays Helsinki 2024 - Sustainable IT and API Performance - How to Bring The...
Apidays Helsinki 2024 - Sustainable IT and API Performance - How to Bring The...Apidays Helsinki 2024 - Sustainable IT and API Performance - How to Bring The...
Apidays Helsinki 2024 - Sustainable IT and API Performance - How to Bring The...
 
Apidays Helsinki 2024 - Security Vulnerabilities in your APIs by Lukáš Ďurovs...
Apidays Helsinki 2024 - Security Vulnerabilities in your APIs by Lukáš Ďurovs...Apidays Helsinki 2024 - Security Vulnerabilities in your APIs by Lukáš Ďurovs...
Apidays Helsinki 2024 - Security Vulnerabilities in your APIs by Lukáš Ďurovs...
 
Apidays Helsinki 2024 - Data, API’s and Banks, with AI on top by Sergio Giral...
Apidays Helsinki 2024 - Data, API’s and Banks, with AI on top by Sergio Giral...Apidays Helsinki 2024 - Data, API’s and Banks, with AI on top by Sergio Giral...
Apidays Helsinki 2024 - Data, API’s and Banks, with AI on top by Sergio Giral...
 
Apidays Helsinki 2024 - Data Ecosystems Driving the Green Transition by Olli ...
Apidays Helsinki 2024 - Data Ecosystems Driving the Green Transition by Olli ...Apidays Helsinki 2024 - Data Ecosystems Driving the Green Transition by Olli ...
Apidays Helsinki 2024 - Data Ecosystems Driving the Green Transition by Olli ...
 
Apidays Helsinki 2024 - Bridging the Gap Between Backend and Frontend API Tes...
Apidays Helsinki 2024 - Bridging the Gap Between Backend and Frontend API Tes...Apidays Helsinki 2024 - Bridging the Gap Between Backend and Frontend API Tes...
Apidays Helsinki 2024 - Bridging the Gap Between Backend and Frontend API Tes...
 
Apidays Helsinki 2024 - API Compliance by Design by Marjukka Niinioja, Osaango
Apidays Helsinki 2024 - API Compliance by Design by Marjukka Niinioja, OsaangoApidays Helsinki 2024 - API Compliance by Design by Marjukka Niinioja, Osaango
Apidays Helsinki 2024 - API Compliance by Design by Marjukka Niinioja, Osaango
 
Apidays Helsinki 2024 - ABLOY goes API economy – Transformation story by Hann...
Apidays Helsinki 2024 - ABLOY goes API economy – Transformation story by Hann...Apidays Helsinki 2024 - ABLOY goes API economy – Transformation story by Hann...
Apidays Helsinki 2024 - ABLOY goes API economy – Transformation story by Hann...
 
Apidays New York 2024 - The subtle art of API rate limiting by Josh Twist, Zuplo
Apidays New York 2024 - The subtle art of API rate limiting by Josh Twist, ZuploApidays New York 2024 - The subtle art of API rate limiting by Josh Twist, Zuplo
Apidays New York 2024 - The subtle art of API rate limiting by Josh Twist, Zuplo
 
Apidays New York 2024 - RESTful API Patterns and Practices by Mike Amundsen, ...
Apidays New York 2024 - RESTful API Patterns and Practices by Mike Amundsen, ...Apidays New York 2024 - RESTful API Patterns and Practices by Mike Amundsen, ...
Apidays New York 2024 - RESTful API Patterns and Practices by Mike Amundsen, ...
 
Apidays New York 2024 - Putting AI into API Security by Corey Ball, Moss Adams
Apidays New York 2024 - Putting AI into API Security by Corey Ball, Moss AdamsApidays New York 2024 - Putting AI into API Security by Corey Ball, Moss Adams
Apidays New York 2024 - Putting AI into API Security by Corey Ball, Moss Adams
 
Apidays New York 2024 - Prototype-first - A modern API development workflow b...
Apidays New York 2024 - Prototype-first - A modern API development workflow b...Apidays New York 2024 - Prototype-first - A modern API development workflow b...
Apidays New York 2024 - Prototype-first - A modern API development workflow b...
 
Apidays New York 2024 - Post-Quantum API Security by Francois Lascelles, Broa...
Apidays New York 2024 - Post-Quantum API Security by Francois Lascelles, Broa...Apidays New York 2024 - Post-Quantum API Security by Francois Lascelles, Broa...
Apidays New York 2024 - Post-Quantum API Security by Francois Lascelles, Broa...
 
Apidays New York 2024 - Increase your productivity with no-code GraphQL mocki...
Apidays New York 2024 - Increase your productivity with no-code GraphQL mocki...Apidays New York 2024 - Increase your productivity with no-code GraphQL mocki...
Apidays New York 2024 - Increase your productivity with no-code GraphQL mocki...
 
Apidays New York 2024 - Driving API & EDA Success by Marcelo Caponi, Danone
Apidays New York 2024 - Driving API & EDA Success by Marcelo Caponi, DanoneApidays New York 2024 - Driving API & EDA Success by Marcelo Caponi, Danone
Apidays New York 2024 - Driving API & EDA Success by Marcelo Caponi, Danone
 
Apidays New York 2024 - Build a terrible API for people you hate by Jim Benne...
Apidays New York 2024 - Build a terrible API for people you hate by Jim Benne...Apidays New York 2024 - Build a terrible API for people you hate by Jim Benne...
Apidays New York 2024 - Build a terrible API for people you hate by Jim Benne...
 
Apidays New York 2024 - API Secret Tokens Exposed by Tristan Kalos and Antoin...
Apidays New York 2024 - API Secret Tokens Exposed by Tristan Kalos and Antoin...Apidays New York 2024 - API Secret Tokens Exposed by Tristan Kalos and Antoin...
Apidays New York 2024 - API Secret Tokens Exposed by Tristan Kalos and Antoin...
 

Recently uploaded

The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
Laura Byrne
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
Ana-Maria Mihalceanu
 
Generating a custom Ruby SDK for your web service or Rails API using Smithy
Generating a custom Ruby SDK for your web service or Rails API using SmithyGenerating a custom Ruby SDK for your web service or Rails API using Smithy
Generating a custom Ruby SDK for your web service or Rails API using Smithy
g2nightmarescribd
 
Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
OnBoard
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
Product School
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Thierry Lestable
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Product School
 
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
Product School
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
KatiaHIMEUR1
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
91mobiles
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
Product School
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Albert Hoitingh
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Ramesh Iyer
 
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualitySoftware Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Inflectra
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
Kari Kakkonen
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
ControlCase
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
Sri Ambati
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Jeffrey Haguewood
 
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Tobias Schneck
 

Recently uploaded (20)

The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
 
Generating a custom Ruby SDK for your web service or Rails API using Smithy
Generating a custom Ruby SDK for your web service or Rails API using SmithyGenerating a custom Ruby SDK for your web service or Rails API using Smithy
Generating a custom Ruby SDK for your web service or Rails API using Smithy
 
Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
 
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
 
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualitySoftware Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
 
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
 

apidays LIVE Paris 2021 - Identification & Authentication for Individuals with API at eIDAS Substantial Security Level by Nicolas Bigand, Groupe La Poste

  • 1. 1
  • 2. 2 In ch a rg e of • Research • Architecture • Development • Security &Conformity • Technicalsupport for Customer &Business Nicola s BIGAND CTO & COO – L’Id e n tité Nu m é riq u e La P oste Exp e rie n ce s • 2 years at La Poste • 15 Years at Thales in cybersecurity: Develop & Launch >10 high security level products
  • 3. = Digital proof of identity How ca n you ve rify on lin e th e id e n tity of n e w cu stom e rs? Which problem do we solve ?
  • 4. Ou r Se cu rity Le ve l = e IDAS Su b sta n tia l Le ve l of a ssu ra n ce Our differentiation?
  • 5. New York JULY Australia SEPTEMBER Singapore APRIL Helsinki & North MARCH Paris DECEMBER London OCTOBER Jakarta FEBRUARY Hong Kong AUGUST JUNE India MAY Check out our API Conferences here 50+ events since 2012, 14 countries, 2,000+ speakers, 50,000+ attendees, 300k+ online community Want to talk at one of our conferences? Apply to speak here
  • 6. EU regulation on electronic identification and trust services for electronic transactions ANSSI, the French NationalSecurity Agency has developed a certification and qualification process for French companies W h a t is e IDAS re g u la tio n ? How d oe s it a p p ly in Fra n ce ? EIDAS fra m e s d ig ita l id e n titie s in Eu rop e ANSSI g u a ra n te e s th e se rvice s se cu rity in Fra n ce L’Identité Numérique La Poste i s the only eIDAS substantial identity qualified by ANSSI in France
  • 7. Hig h le ve l Stronger security constraints: • Physical Token • Restricted access • Smart IDcard Low le ve l Single factor : login&password Su b sta n tia l le ve l Proof of Identity & 2 factors authentication e IDAS Se cu rity EQUALto sovereign process face-to-face No guarantee of identity EQUALto banking face-to- face Te ch n olog y + - Se c u rit y + - Us e r e xp e rie n c e e IDAS : 3 Le ve ls of Assu ra n ce
  • 8. Hig h le ve l Sovereign uses Ex: borders, administration Low le ve l Connection to unregulated websites Su b sta n tia l le ve l Ap p lica tion Onboarding, KYC, Management acts Advanced signature …. Co ve rs m o s t b u s in e s s id e n t ific a t io n n e e d s e IDAS : 3 Le ve ls of Assu ra n ce
  • 9. Public sector Banking Insurrance Sharing economy Gambling E-commerce Postal &deliveryservices Health And more… Signature Data sharing Identification/Onboarding &Authentication Physicalaccess Authorization Ma n y se ctors n e e d a tru ste d id e n tifica tion solu tion in p a rticu la r th ose su b je ct to strict or e volvin g re g u la tory fra m e w orks
  • 10. How d oe s L’Id e n tité Nu m é riq u e La P oste w ork? IDENTITY VERIFICATION AT SUBSTANTIAL LEVEL At home Poste office Online CERTIFIED PERSONAL DATA A UNIVERSAL KEY Substantial eIDAS Qualified by ANSSI Strong Authentication (DSP2) STRONG AUTHENTICATION APP Fo r Org a n iza t io n s Fo r Us e rs A DIGITAL PROOF OF IDENTITY Fo r b o t h An easy and secure way to prove your identity and access hundreds of online services
  • 11. Fo r Org a n iza t io n s Fo r Us e rs Asingle IDand password to remember that connect to multiple online services Atime saving solution Afraud and identity theft protection Digital proof of identity compliant with regulations Strong authentication Fraud and Identity Theft Protection Certified identity data Contact details verified Productivitygains Streamlined customer journey Improved user experience Th e b e n e fits for you r com p a n y a n d cu stom e rs a re n u m e rou s
  • 12. Exa m p le of on lin e su b scrip tion to a se rvice AP P LICATION Certaines données vont être transm ises Besoin d’ aide CGU Accessibilité M entions légales Charte informatique et liberté Gérer mes cookies Continuer Informations de profil Informations de naissance Informations de contacts Vous pouvez annuler le partage de vos données à tout moment, rendez vous sur la Charte informatique et liberté Confirm ez sur l’application +33 678 90 34 56 Modifier Une action est enattente Cliquez sur la notification ou ouvrezl’application L’Identité Numérique. Besoin d’ aide CGU Accessibilité M entions légales Charte informatique et liberté Gérer mes cookies Identifiez-vous pourvous connecter à FranceConnect S’ identifier +33 Numéro de mobile J’ aichangé denuméro Vousn’ avez pas encore d’ Identité Numérique ? Découvrir L’Identité Numérique La Poste Besoin d’ aide CGU Accessibilité M entions légales Charte informatique et liberté Gérer mes cookies Identification Button to click PIN Code Data sharing consent Data received by website YOUR W EBSITE YOUR W EBSITE
  • 13. Ou r AP I stra te g y: a solu tion b u ilt on m od e rn a n d se cu re sta n d a rd s
  • 14. L’IDENTITE NUMERIQUE BACK L’IDENTITE NUMERIQUE APPLICATION CLIENT FRONT W EB SITE CLIENT BACK Front Back 1. Add L’Ide ntité Num é rique button 2. Adapt clie nt your journe y 2. Call the API L’Identité Numérique  Only 4 REST requests for all the journey JW T CLIENT How to in te g ra te ou r AP I?
  • 15. Securing OpenID Connect protocols (ANSSI guide) Securing TLS exchanges (ANSSIguide) Secure Mobile / backend communications: Solution with an ANSSICSPN Perimeter security: Firewalls, Waf Security by redundancy: Full localredundancy +redundancyof ISO27001Docaposte Datacenter Regular audit &pentesting of APIby accredited auditor (PASSI) Process MCO&MCS : Automatic securitysupervision &regular patch management Risk analysis type ebios and peer review for each evolutions of the system Supervision done by a SOC and a NOC (with a dedicated SIEM) Se c u rit y b y De s ig n Se c u rit y d u rin g Life c yc le AP I se cu rity
  • 16. Online gambling Banking Health Public sector E-commerce Parcelcollection Electronic signature Simpler registration process Simpler online subscription process Simpler patient registration process Easier access to more than 1.000 online services via FranceConnect Faster receiving process for registered electronic mail Gain in productivity Faster integration (less than a week) Clie n t fe e d b a cks
  • 17. A m ulti-business Group : 4 b u sin e ss lin e s + 23.0 0 0 clients 50 0 0 em ployees 80 0 m illion s in revenue ALL data centers in France A fully public com pany ParcelMail Services GeoPost La Banque Postale Retailcustomers and digital business unit 24 9 0 0 0 em ployees 21,6 b illion Item s delivered per year worldwide € 31b illion In consolidated revenue (30% abroad) 17 0 0 0 Retail outlets nationwide L’Id e n tité Nu m é riq u e , a se rvice p rovid e d b y th e Fre n ch p osta l se rvice com p a n y La P oste a solu tion d istrib u te d b y DOCAP OSTE
  • 18. 17 Docaposte Contact Thanks for your attention . Let’s keep in touch . Nicolas BIGAND Chief Technical Officer & COO n icola s.b ig a n d @la p oste .fr Antoine D’HEBRAIL Marketing & Sales Director a n toin e .d -h e b ra il@la p oste .fr
  • 19. P. 18 The client identifies himself The client opens his application AtemporaryQR code is generated I am facing a human, Iauthenticate myself and Ipresent my QRcode so that the bank advisor can scan it L’Id e n tité Nu m é riq u e La P oste is e q u iva le n t to a n ID d ocu m e n t in th e p h ysica l w orld too
  • 20. 1. L’Identité Numérique integration process 1.1. A service compliant with OpenID Connect standards /authorize /token /userinfos Signout Service provider Site (Client) Autorisation code Access_token Id_token Oauth2 • Client_id / • client_secret • Clé OKAPI OKAPI Ap i Man ag e r 1 2 3 4 OpenID Connect
  • 21. 1. L’Identité Numérique integration process 1.2 Four APIs to integrate L’Identité Numérique Reply Request GET /authorize User login 1 POST/token Récupération des jetons d’accès 2 GET / userinfo Collecting access tokens 3 POST /signout Userlogout 4 The client makesa call to theendpoint / authorize of the IN, providing its client_id andits callback url asparameters. The client makesa call tothis API todisconnect the user, by providing set the user'saccess_token The client makesa call tothis API toretrieve user data, providing the user'saccess_token as aparameter The client makesa call toretrieve the access_token and the id_token, providing the authorization code received during the 1strequest as aparameter. After authenticating (1FA and 2FA), the user is redirected to the partner site (customer) via a 302 redirection. An authorization code is provided as aparameter of the URL • Access_token : authorization token linked to the user to accessthe variousresources & APIs of L’identité Numérique • ID_token: signedtoken containing the user'sidentity data in the form of a JWT ( Json WebToken). Return ofuser identity data and other information (claims) requested / authorized in the form of a json response Code 204, the useris loggedout
  • 22. 2. User data recovery 2.1.Two methods to recover data - JWT TheOpendIDConnectprotocol offered by L’Identité Numériqueallowsthe partner to retrieve the identity data of theauthenticated user in theform of aJson WebToken. The J WTis a signed token which means: • That the data transmitted has not beenmodified • That the data has beentransmitted by L’Identité Numérique Two signature algorithms available HS256and RS256 . Once decoded using tools or libraries available on the internet, the identity data and user information are exposed in the J SON payload, as well as the token metadata The La Poste public keyto verify the signature of the J WTis available at this address: • Sandbox: https://integration.compte.laposte.fr/key/public.pem • Production: https://compte.laposte.fr/key/public.pem User datawill bethoserequestedin theclaims duringthe first call to theendpoint/ authorize JSON WEB TOKEN (JWT) { "sub": "5577832670193", "email": "tests.reex10@yopmail.com", "email_verified": true, "acr": "eidas1", "given_name ": "Claire Marie", "family_name ": "Dupont", birthplace": "075110", "auth_time": 1568042343, "iat": 1568042343, "nbf": 1568042343, "exp": 1568042943, "jti": "gek6EJW -fyVzgcaYGOHqWgJXmM0wx6mXjw", "iss": "https://integration.compte.laposte.fr", "at_hash": "noaccesstoken", "aud": "FRANCECONNECT" } Extract
  • 23. 2. User data recovery 2.2. Two methods to recover data – endpoint /userinfo User datacanbe retrieved by API via a specific endpoint: / userinfos . Theyallow to be exposed in a J SONresponse, in exchange for the user's access_token. Aswith the JWT, theuser'sdata will bethoserequestedin the claimsduringthe first call to theendpoint/ authorize Endpoint / userinfo { "sub": "5577832670193", "email": "tests.reex10@yopmail.com", "email_verified": true, "given_name ": "Claire Marie", "family_name ": "Dupont", "gender": " female", "birthdate": "1965 -12 -06", "birthplace": "075110", "acr": "eidas1", "amr": [ " pwd" ], "birthcountry": "99100", "auth_time": 1568078846, "nonce": "0i1db90e32ji5b8b9cb1849acd069R854", " iat": 1568078846, "nbf": 1568078846, "exp": 3136164858, "jti": "d3oyaBnCM1Q14hqyNrCVZ -8rQn3Qfw -aNA", " iss": "https://integration.compte.laposte.fr", "at_hash": "d4ytCrc3Ix3qbS_yRcohWA", "aud": «PARTENAIRE« } Extract
  • 24. 3. « Pivot » Identity data Define the desired data : claims and scopes Scope Définition openid the technical identifier ( sub ) of the user in OpenIDConnect format will be returned gender The person's gender will be returned birthdate The person's date of birth will be returned birthplace The person's city of birth will be returned given_name The person's first names will be returned , separated by a space family_name The person's birth name will be returned email the person's email address will be returned phone the person's phone number will be returned • User datais translated into the Oauth2languageby the claims. Theseclaims canconstitute : ○ Theuser’s« pivot » identity data ○ Variousinformation about the user ○ Authentication context data • At the start of the authentication sequence, whencalling GET to / authorize, the client mustspecify the claims they wish to recover • Thenumberand type of claimsrequested may be different in the id_token and in the API responsefrom the endpoint: / userinfo • Claimscanbe groupedinto scopes,here is the list :
  • 25. New York JULY Australia SEPTEMBER Singapore APRIL Helsinki & North MARCH Paris DECEMBER London OCTOBER Jakarta FEBRUARY Hong Kong AUGUST JUNE India MAY Check out our API Conferences here 50+ events since 2012, 14 countries, 2,000+ speakers, 50,000+ attendees, 300k+ online community Want to talk at one of our conferences? Apply to speak here