Downloaded 10 times
Uploaded byFIDO Alliance
FIDO Seminar: Authentication for a Billion Consumers - Amazon.pptx
FIDO Seminar: Authentication for a Billion Consumers - Amazon
More Related Content
Similar to FIDO Seminar: Authentication for a Billion Consumers - Amazon.pptx
More from FIDO Alliance
FIDO Seminar: Authentication for a Billion Consumers - Amazon.pptx
- 1. © FIDO Alliance2025 1 1 © FIDO Alliance 2025 Authentication for a Billion Consumers Mike Slaugh Principal Security Engineer
- 2. © FIDO Alliance2025 2 Scaling leads to more … Users 123456 Authenticators Complexity
- 3. © FIDO Alliance2025 3 3 © FIDO Alliance 2025 How do you scale an authentication system to a billion users?
- 4. © FIDO Alliance2025 4 Scaling leads to more … Users 123456 Authenticators Complexity Custom er Experience Sim plify Choice
- 5. © FIDO Alliance2025 5 #1 Customer Experience
- 6. © FIDO Alliance2025 6 Two Roles in Authentication Systems Security Owner Experience Owner
- 7. © FIDO Alliance2025 7 FRESH Security Certified
- 8. © FIDO Alliance2025 8 FRESH Experience Certified
- 9. © FIDO Alliance2025 9
- 10. © FIDO Alliance2025 10 FRESH Security Certified FRESH Experience Certified
- 11. © FIDO Alliance2025 11 Combine Roles? ?
- 12. © FIDO Alliance2025 12 Considerations for Customer Obsession Create a step-by-step experience to guide your customers through the authentication process Authenticate customers at one time. Avoid constantly redirecting the user back for more authentication Simple Create defaults and preferences based on historical usage Predict which authentication methods apply to the customer and have them ready Applicable Eliminate confusing terms and phrases that may only be meaningful only in certain languages or cultures. Accommodating
- 13. © FIDO Alliance2025 13 #2 Simplify
- 14. © FIDO Alliance2025 14 Authentication Taxonomy Verify An establishment of trust in an identity claim that facilitates downstream activities and events. Enroll An agreement between parties of the credentials that will be used going forward. Recover An event when a user no longer has access to the previously agreed upon credentials and needs another way to access their account. Authenticate A ceremony where credentials are presented and validated to quickly and easily reverify the user’s identity
- 15. © FIDO Alliance2025 15 Authenticator of Choice A1 A2 ID + AuthN Know • Password • PIN • Passphrase Have • Security Keys • Smart Card • One Time Codes • Device Recognition • TOTP • Authenticator Apps • Digital Certificate • Device Bound Passkey Are Biometrics • Touch • Face • Voice • User Name • Email Address • Phone Number • Customer Number Allow users to have multiple options and let them choose based on current situation Identifier Authentication • Multifactor Authentication • Single factor Authentication + =
- 16. © FIDO Alliance2025 16 #3 Choice
- 17. © FIDO Alliance2025 17 Which Authenticators should you use? 1 2 3 4 5 6 Trust Thresholds should determine which authenticators the program will support Authenticator High Trust Med Trust Security
- 18. © FIDO Alliance2025 18 Login Please sign in to continue. Email user123@gmail.com Don’t have an account? Sign Up Remember me NEXT Verify Please choose a verification method Password Passkey Send a code to my phone Use an authenticator app More Options? NEXT Password Please enter your password Password LOGIN
- 19. © FIDO Alliance2025 19 Trust Matrix • Choose Authenticators that are high trust • Don’t allow combination of lower trust authenticators A1 A2 High Med High Med Trust Thresholds should determine which authenticators the program will support
- 20. © FIDO Alliance2025 20 In Summary … Build experiences based on customer needs 1 Simplify the complexity of the ecosystem 2 Provide several options to authenticate 3
- 21. © FIDO Alliance2025 21 21 © FIDO Alliance 2025 Thank you
Editor's Notes
- #2 Users Edge cases become use cases Different markets will have different capabilities Complexity Complexity is the enemy of scaling Authenticators There is no “one authenticator” rule them all