Download to read offline
More Related Content
Similar to Ask FIDO About Anything: Certification
Ask FIDO About Anything: Certification
- 1. © FIDO Alliance2021 1 WEBINAR
- 2. © FIDO Alliance2021 2
- 3. © FIDO Alliance2021 Today’s Speakers Dr. Rae Rivera Director of Certification FIDO Alliance Megan Shamas Director of Marketing & Chief Question Asker FIDO Alliance
- 4. © FIDO Alliance2021
- 5. © FIDO Alliance2021 Standardization for industry Market differentiation Regulatory requirement Consumer protection
- 6. © FIDO Alliance2021 FIDO’s Perspective
- 7. © FIDO Alliance2021
- 8. © FIDO Alliance2021 Stand out against competition Increased product rigor Competitive edge
- 9. © FIDO Alliance2021 INDUSTRY REQUIREMENT MEETS COMPLIANCE ASPECTS VALIDATED IN MARKET
- 10. © FIDO Alliance2021 Confidence in product quality Security and trust Informed purchases Product rigor
- 11. © FIDO Alliance2021 FIDOCertificationProgram
- 12. © FIDO Alliance2021 12
- 13. © FIDO Alliance2021 Functional Certification Conformance Test Validation • Validates product against specification Interoperability • Validates implementability of product in the marketplace
- 14. © FIDO Alliance2021 • • • 14
- 15. © FIDO Alliance2021 15 Functional Certification Security Evaluation Authenticator Certification
- 16. © FIDO Alliance2021 Vendor Questionnaire Test Procedures Secretariat or Lab Evaluation
- 17. © FIDO Alliance2021 17 AUTHENTICATOR SECURITY LEVELS Level 1 • Basic authenticator security • Software based solutions Level 2 • Adds Allowed Restricted Operating Requirement (AROE) • Increased assurances based on the AROE Level 3 • All requirements of level 1 and 2, with added assurances related to hardware protections • Companion Program required
- 18. © FIDO Alliance2021 18
- 19. © FIDO Alliance2021 19
- 20. © FIDO Alliance2021 20 What is tested? • False Accept Rate (FAR) • False Reject Rate (FRR) • Presentation Attack Detection (PAD) • Program includes Self-attestation (validated based on vendor test data) Using a Certified Biometric Subcomponent: • Optional for Authenticators using a Biometric at L1-L2. • The Security Requirements enforce Biometric Certification of the biometric at L3 and higher when a biometric is used in the authenticator. • Once L2+ is finalized Biometric Certification will also be required • Results in a “FIDO Certified” Authenticator
- 21. © FIDO Alliance2021 21
- 22. © FIDO Alliance2021 22
- 23. © FIDO Alliance2021 Thank you
- 24. © FIDO Alliance2021 Ask FIDO Anything Dr. Rae Rivera Director of Certification FIDO Alliance Megan Shamas Director of Marketing & Chief Question Asker FIDO Alliance
Editor's Notes
- #4 Let me introduce today’s speakers… me, and Andrew Shikiar who is the FIDO Alliance executive director and chief marketing officer
- #8 Functional Testing –compliant and conformant Interoperability testing
- #9 We are seeing an increase in relying parties requesting products to be FIDO Certified, including specific level requirements to meet RP needs.
- #10 Government agencies continue to recognize FIDO Certified products in the market. This is seen internationally within the authentication and identity space.
- #11 This is a growing area for FIDO Alliance as we have seen with the Login with FIDO gain interest and increase awareness of FIDO products n the marketplace.
- #14 Available to members and non-members; servers and SDKs
- #16 The FIDO Certification Program is intended to certify FIDO authenticators (e.g. UAF, U2F) against FIDO specifications and some additional security requirements. Level 1 ensures implementations are conformant to the specifications, are interoperable, and meet basic security and privacy considerations. Level 1 is tested by FIDO. Level 2 and above require evaluation and/or testing by a FIDO Accredited Security Laboratory.
- #25 Let me introduce today’s speakers… me, and Andrew Shikiar who is the FIDO Alliance executive director and chief marketing officer