The document outlines the agenda and discussions from the FIDO (Fast IDentity Online) session at an event in Munich in 2015, highlighting topics related to online authentication standards, including FIDO UAF and U2F specifications. It addresses the security challenges posed by current password systems and advocates for local device authentication to enhance user experience and security. The FIDO Alliance seeks to establish interoperability in authentication methods, reduce costs for enterprises, and simplify the process for consumers.

1. EIC Munich 2015
1

2. Overview
2
14:00 14:30 FIDO Now Donal O'Shea, FIDO Alliance
14:30 15:00 FIDO UAF 1.0 Specs: Overview and Insights Rolf Lindemann, Nok Nok
Labs
15:00 15:30 FIDO U2F 1.0 Specs: Overview and Insights Alexei Czeskis, Google
15:30 15:45 Coffee
15:45 16:15 FIDO, PKI & beyond: Where authentication meets
identification
Kim Nguyen, D-­‐Trust
Cord Bartels, CBcon
16:15 16:45 Deploying FIDO: Ins and Outs Panel: Moderator Matthias
Reinwarth, Kuppinger Cole;
Kevin Lynch, Synaptics; Bob
Stewart, Sonavation;
Michael Poitner, NXP; Chris
Woodthorpe, Infineon
16:45 17:45 FIDO Ready™ Products Entersekt-­‐Infineon-­‐Nok Nok
Labs-­‐Yubico
17:45 18:00 Q&A Wrap Up FIDO

3. AGENDA
3
Interoperability Problem
Password Problem
FIDO Solution
About FIDO

4. The FIDO Story

5. The FIDO Story—2
Technology Ecosystem

6. AGENDA
6
Interoperability Problem
Password Problem
FIDO Solution
About FIDO

7. Cyber crime is out of
CONTROL
7

8. 708 data breaches
IN 2014...
82 million
personal records stolen
8

9. Average cost per data breach
$3.5 MILLION:
9
$92.3 MILLION:
Average annual loss to mobile fraud

10. We have a PASSWORD PROBLEM
10

11. Passwords
no longer
keep us safe
11

12. Ill-suited for mobile devices
Kept in centralized databases
Easily broken
12

13. Re-used Phished Keylogged
TOO MANY TO REMEMBER,
DIFFICULT TO TYPE,
AND NOT SECURE
13

14. Other mechanisms have not been a success
14

15. ONE-TIME CODES
Improve security but
aren’t easy enough
Still
Phishable
Know attacks today
User
Experience
User Confusion
Device
Usability
One per site/ Fragile
SMS
Usability
Coverage/ Delay/ Cost
15

16. WE NEED A
NEW MODEL
16

17. The FIDO Story—3
• Relevant companies with compelling interest
– The FIDO founders
• PayPal, Lenovo, Nok Nok Labs, Validity Sensors, Infineon,
and Agnitio
– Meetings started about four years ago
• Technology — initial scoping and approach
• Ecosystem — everybody talk to their friends
• Legal —
– Create an organization that
» Protects IP and
» Prevents antitrust

18. Putting It Together
The problem:
Simpler, Stronger, Interoperable online
authentication
The trend:
Local device authentication
Why not:
Use local device auth for online authentication?
This is the core idea behind FIDO standards!

19. We need
™
19

20. AGENDA
20
Interoperability Problem
Password Problem
FIDO Solution
About FIDO

21. THE FIDO
SECURITY
PARADIGM
21
Poor Good
WeakStrong
USABILITY
SECURITY Current
Solutions
™

22. THE FOCUS IS
PRIVACY
22

23. 23
No 3rd Party in the Protocol
No Secrets on the Server side
Biometric data (if used) never leaves device
No link-ability between Services
No link-ability between Accounts

24. THE ECOSYSTEM
Consumers
Enterprises
Online Service
Providers
24

25. FIDO Standardization
LOGIN USER APPROVAL
REGISTRATION COMPLETE KEY SELECTED
LOGIN CHALLENGE
LOGIN RESPONSE
1 2
4 3
Leverage public key
cryptography
ONLINE CRYPTO
PROTOCOL
PLUGGABLE
LOCAL AUTH

26. Not boiling the sea

27. Security for providers
Reduced enterprise costs
Simple for consumers
27

28. FOR CONSUMERS
Easy to Use Interoperable Private Secure
28

29. FOR ENTERPRISES
Reduced cost &
complexity
Strong asset
protection
Effective BYOD
support
29

30. FOR ONLINE
SERVICE PROVIDERS
Exceptional user
experience
Stronger
Security
Cost
containment
30

31. LOWER COST AND COMPLEXITY
FOR ONLINE SERVICE PROVIDERS
Single
Infrastructure
Any
Device
Risk
Appropriate
31

32. AGENDA
32
Interoperability Problem
Password Problem
FIDO Solution
About FIDO

33. FIDO TIMELINE
FIDO 1.0 FINAL
Specification
First UAF & U2F
Deployments
Specification
Review Draft
FIDO Ready
Program
Alliance
Announced
FEB
2013
DEC
2013
FEB
2014
FEB-OCT
2014
DEC 9
2014
33

34. A broad range of
board, associate,
& sponsor members
34

35. Board Members
190 & GROWING…
35

36. Sponsor Members
190 & GROWING…
36

37. Associate Members
190 & GROWING…
37

38. Infineon
NSP
NNL
A range of
FIDO PRODUCTS
is now available
38

39. 39
1.0 Specification
Online Services
Chip Providers
Device Providers
Biometrics Technology Providers
Enterprise Servers
Open Source sw/servers
Mobile Aps & clients
Browsers

40. The FIDO Alliance
UAF Working
Group
U2F Working
Group
Certification
WorkingGroup
Marketing
WorkingGroup
Privacy and
Public Policy
WorkingGroup
Board of
Directors
Executive
Director
FIDO Alliance
Staff
FIDO 2.0
WorkingGroup

41. JOIN THE
FIDO ALLIANCE
41

42. Join FIDO
• Three levels of membership
– Board of Directors
– Member
– Associate
• Website
– www.fidoalliance.org
• Email me
– donal@fidoalliance.org

43. EXPERIENCE SIMPLER, STRONGERAUTHENTICATION
43