©2018 Nok Nok Labs
Future of Consumer Authentication
Rajiv Dholakia, VP Products
rajiv@noknok.com
Nok Nok: Modern Authentication Delivered
Invented Modern Authentication
Showcase Identity as Business Edge
Lead in Mobile & Biometrics
Making Nok Nok S3 Platform De facto Choice
Modern Authentication Solutions that are Simple, Strong, Scalable
Delivered on Any Device, Any OS, Any Network …. Anywhere in the World
Founded & led the FIDO Alliance, co-author of UAF, FIDO2
Deployed 1st global solutions in major markets
Mobile Operators, Banks/Fintech, Healthcare, IoT
Designed security architecture for biometrics & tokens and licensed to eco-system
Innovated above and beyond FIDO
145M+ users, 4.5B+ Transactions
Leveraging Modern Authentication can be Transformative to your Business
USABILITY DRIVES USAGE
Reduced Costs
✓ Improved Customer Experience
✓ Higher customer retention and satisfaction
✓ Enhanced brand loyalty – “stickiness”
✓ Increased revenue from use of services and transactions
✓ Reduced cost associated with physical visits
✓ Reduced cost of password resets
✓ Reduction in fraud and identity theft
✓ Increased privacy
✓ Reduced call center costs to verify users
Increase Revenues
Why FIDO Authentication?
- Trust & Security
- User Experience
- Diversity of use cases, requirements
- The Airbag problem
Cloud Services, Ecommerce, IoT, Distributed Ledgers…
AUTHENTICATION, SECURITY & PRIVACY ARE VITAL FOR SOCIETY
USER ON PC/MOBILE
CLOUD SERVERS
CONNECTED OBJECTS
INDUSTRIAL SENSORS
No actionable value to data if you cannot trust the interactions
RIGHT USER? RIGHT DEVICE? RIGHT CONTEXT?
CAN I POST THIS DATA, SHOULD IT BE TRUSTED?
SHOULD I TRUST THIS COMMAND?
CAN I POST THIS TRANSACTION?
TRUST IN DIGITAL INTERACTIONS
Right User
Right Device
Right Context
How could this assurance transform your business?
Looking Back at “The Lost Decades”
Users were Collateral Damage
PRIVACY
SECURITY
EASE OF USE
SCALE
“Primary Interaction Devices”
EQUIPPED WITH BIOMETRICS & GESTURE ORIENTED CAPABILITIES
• PIDs verify the user through user interactions and gestures
• Trusted Execution Environments and/or Secure Elements add security foundation for templates, matching, keys, privacy-centric crypto protocols like FIDO
2007 2013-2017 2018-2028
FUTURE OF CONSUMER AUTHENTICATION
GOLDEN AGE or APOCALYPSE?
Password, OTP, Server Side Biometric Match
Border/Perimeter Control Applications, Surveillance Systems
Client Side Uni-Modal Biometrics for Device Unlock
Client Side Uni-Modal Biometrics for Device & Cloud Service Access on Mobile
Client Side Multi-Modal, Mobile, Wearable & Card based for Physical, IoT & Cloud Services
Client & Server Side Multi-Modal, Mobile, Wearable & Card based for Physical & Cloud Services, Sensor Surround for Continuous Authentication
Recognition to Authentication
This is the curve we are riding…
WHY USE FIDO vs. DIY
FIDO FULFILLS THESE REQUIREMENTS
Why Now? Convergence of Market Forces is Driving Change
Digital Wave
Pain of Passwords
Standards & Regulations
Mobile & Biometrics Wave
Learning from Customer engagements
MOTIVATIONS, SOLUTIONS, PROCESSES
FIDO is a platform building block
Passwords
Identity Proofing & Recovery
User Management
Authentication
Federation
Session Mgt
Risk-Based Strong
MODERN AUTHENTICATION
Risk-Based
Identity System
DECISIONS ABOUT SECURITY ARE NOT ALWAYS RATIONAL
COMPLEXITY PARALYSIS, EMOTIONAL DRIVERS, FEAR HAZARDS
Considerations
Cost Effectiveness: Cost to develop and maintain?
Ease of Deployment: Effort to implement and support?
Risk: Biometric information storing and protection?
Security: Fraud reduction, e.g. man-in-the-middle and phishing attacks?
Future Proofing: Effort to incorporate additional modalities?
Scalability: Support for millions of users and diverse use cases?
Customer Experience: Seamless and frictionless experience?
The FIDO Journey – The Ideal Process
Develop Identity, Authentication Strategy
• 3-5 year roadmap
Integrate FIDO into the IAM system
• Architecture, Scale, Exception Handling, Security
Launch & Adoption
• Customer, Service & Partner Preparedness & Communication
Marketing & Monetization
• Use FIDO as a strategic weapon
Advanced Initiatives
• IOT, Blockchain ...
Mastering Authentication: Best Practices
Recognition or Authentication? What’s at stake? Consent?
Active or Passive? Single or Multi-Modal?
Recovery? Lifecycle model?
Documented Threat Model? How are templates & matcher protected? Attack vectors?
Failure modes, Predictability, Operational variations?
Is there PII? Who owns the biometric?
Operating multiple authentication silos or standards-based approach?
✓ Run a POC
✓ Develop a framework for use (beware shiny objects)
✓ Build a 3-5 year roadmap
✓ Consider a standards-based approach with FIDO
What about Authenticators?
• No single authenticator modality will replace passwords
• No perfect Authenticator
• All authenticators can be attacked, all authenticators are subject to compromise
• How do you choose?
• Usability
• Security
• Cost
• The point of the framework is to deploy the right authenticator(s) to raise the cost of attack and make it not worthwhile
BENEFIT of a FIDO FRAMEWORK
Enabling Multifactor Authentication
Easy for developer, IT & END-USER
RIGHT LEVEL OF ABSTRACTION
Something I Know
Something I Have
Something I Have + Something I Know
Or
Something I Have, Who I am …
Or
[Something I Have, Who I am] x2 …
Tap Touch
SAME DEVELOPER API, SAME BACKEND, DIFFERENT POLICY
SINGLE MOST EFFECTIVE INVESTMENT
Delivers Ease of Use & Security
Would you take pills for every waterborne disease every time you took a drink of water or would you rather chlorinate the water?
Current state of security: It's like drinking water from the tap in the 1800s

Deploying FIDO Authentication - Business Considerations
