SlideShare a Scribd company logo
All Rights Reserved | FIDO Alliance | Copyright 20181
GLOBAL REGULATORY
LANDSCAPE FOR STRONG
AUTHENTICATION
DEVELOPMENTS IN POLICY, REGULATION AND
GUIDANCE AROUND THE WORLD
All Rights Reserved | FIDO Alliance | Copyright 20182
AUTHENTICATION IS IMPORTANT TO GOVERNMENTS
1. Protects access to government assets
2. Enables more high-value citizen-facing services
3. Empowers private sector to provide a wider range of high value
services to consumers
4. Secures critical assets and infrastructure
Governments seek identity solutions that can deliver not just improved
Security – but also Privacy, Interoperability, and better Customer
Experiences
The right policies and standards are needed to enable this.
FIDO IS IMPACTING HOW GOVERNMENTS THINK
ABOUT AUTHENTICATION
Priorities:
• Ensuring that future online products and services
coming into use are “secure by default”
• Empowering consumers to “choose products and
services that have built-in security as a default
setting.”
“[We will] invest in technologies like Trusted Platform
Modules (TPM) and emerging industry standards such as
Fast IDentity Online (FIDO), which do not rely on
passwords for user authentication, but use the machine
and other devices in the user’s possession to authenticate.
The Government will test innovative authentication
mechanisms to demonstrate what they can offer, both in
terms of security and overall user experience.”
All Rights Reserved | FIDO Alliance | Copyright 20183
https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/567242/
national_cyber_security_strategy_2016.pdf
FIDO IS IMPACTING HOW GOVERNMENTS THINK
ABOUT AUTHENTICATION
U.S. Commission on Enhancing
National Cybersecurity:
• Bipartisan commission established by
the White House in April – charged
with crafting recommendations for
the next President
• Major focus on Authentication
All Rights Reserved | FIDO Alliance | Copyright 20184
US COMMISSION ON ENHANCING NATIONAL
CYBERSECURITY
“Other important work that must be undertaken to overcome identity
authentication challenges includes the development of open-source
standards and specifications like those developed by the Fast IDentity
Online (FIDO) Alliance. FIDO specifications are focused largely on the
mobile smartphone platform to deliver multifactor authentication to
the masses, all based on industry standard public key cryptography.
Windows 10 has deployed FIDO specifications (known as Windows
Hello), and numerous financial institutions have adopted FIDO for
consumer banking. Today, organizations complying with FIDO
specifications are able to deliver secure authentication technology on
a wide range of devices, including mobile phones, USB keys, and near-
field communications (NFC) and Bluetooth low energy (BLE) devices
and wearables.
This work, other standards activities, and new tools that support
continuous authentication provide a strong foundation for opt-in
identity management for the digital infrastructure.”
All Rights Reserved | FIDO Alliance | Copyright 20185
https://www.nist.gov/sites/default/files/documents/2016/12/02/cybersecurity-commission-report-final-post.pdf
US – TREASURY SECRETARY MNUCHIN
HIGHLIGHTS IMPORTANCE OF FIDO
“Many of you have been working toward these goals for years now – the 2011
National Strategy for Trusted Identities in Cyberspace (NSTIC) charted a path
for government to work with the private sector, developing an identity
ecosystem that embraced these important principles – security, privacy, ease
of use, and interoperability.
“Out of NSTIC, we’ve seen great innovations through public-private
partnerships. These include the emergence of FIDO authentication, where
major firms in IT, software, device manufacturers, banking, health care and
security have partnered with government - the National Institute of Standards
and Technology in particular - to deliver on this vision. This has been done
by creating new standards like FIDO and OpenID Connect that are being used
today to enable more robust and secure authentication.
“With these commitments from industry, we’re at the point where it will be
hard for a consumer to buy a device or launch a browser that doesn’t
support strong authentication out of the box. It’s an innovation – driven by
industry and supported by government – that is improving security and
transforming digital commerce.”
All Rights Reserved | FIDO Alliance | Copyright 20186
All Rights Reserved | FIDO Alliance | Copyright 20187
IDEA: AUTHENTICATION
AS REGTECH
WHAT IS REGTECH?
RegTech: Technology that helps businesses comply with
regulations efficiently and inexpensively.
- A u s t r a l i a n S e c u r i t i e s a n d I n v e s t m e n t s C o m m i s s i o n ( A S I C )
-Or-
RegTech: technology that seeks to provide “nimble,
configurable, easy to integrate, reliable, secure and cost -
effective” compliance solutions
- D e l o i t t e
8 All Rights Reserved | FIDO Alliance | Copyright 2018
AUTHN IS REGTECH…RIGHT?
Nimble?
Configurable?
Easy to
integrate?
Cost effective?Secure?
Reliable?
9 All Rights Reserved | FIDO Alliance | Copyright 2018
All Rights Reserved | FIDO Alliance | Copyright 201810
OLD AUTHENTICATION - OTPS
Old strong authentication required a separate channel or device…
ONE-TIME PASSCODES
Improve security but aren’t easy enough to use
STILL
PHISHABLE
USER
CONFUSION
TOKEN
NECKLACE
SMS
RELIABILITY1
1NIST SP800-63-3: “Out-of-band authentication using the [public switched telephone network] (SMS or voice) is discouraged and is being considered for removal in future editions of this guideline.”
All Rights Reserved | FIDO Alliance | Copyright 201711
OLD AUTHENTICATION – SMART CARDS
INCONVENIENT
SMART CARDS OFFER STRONG CRYTOGRAPHIC SECURITY BUT…
SMART CARDS
Offer strong cryptographic security but are:
COSTLY
Old strong authentication required a separate channel or device…
POOR BYOD SUPPORT
THE AUTHN CHALLENGE
Nimble
Configurable
Easy to
integrate
Cost effectiveSecure
Reliable
We need authentication solutions that can meet the “RegTech”
definition - allowing better business models and customer
experiences to flourish - without concerns about security, privacy
and other compliance requirements
12 All Rights Reserved | FIDO Alliance | Copyright 2018
All Rights Reserved | FIDO Alliance | Copyright 201813
AREAS OF INNOVATION + REGULATION
•Digital
Government
•National IDs
•eIDAS
• GDPR
• Stop 81% of
breaches
• EHR
• Patient Access
• Doctor Access
• Payments +
FinTech
• PSD2
• KYC
Financial
Services
Health
Care
eGov/
Citizen
Services
Privacy
&
Security
All Rights Reserved | FIDO Alliance | Copyright 201814
AREAS OF INNOVATION + REGULATION
• Digital
Government
• National IDs
• eIDAS
• GDPR
• Stop 81%
breaches
• EHR
• Patient Access
• Doctor Access
• Payments +
FinTech
• PSD2
• KYC
Financial
Services
Health
Care
eGov/
Citizen
Services
Privacy
&
Security
Compliance is driv ing a need for better authentication
Security
Privacy Interoperability
Usability
All Rights Reserved | FIDO Alliance | Copyright 201815
FIDO AS REGTECH
FIDO delivers on key priorities
All Rights Reserved | FIDO Alliance | Copyright 201816
FIDO IMPACT ON POLICY
FIDO specifications offer governments newer, better options for
strong authentication – but governments may need to update
some policies to support the ways in which FIDO is different.
As technology evolves,
policy needs to evolve with it.
AS TECHNOLOGY EVOLVES,
POLICY NEEDS TO EVOLVE WITH IT.
• While this statement was true of most “old” MFA
technology, FIDO specifically addresses these cost
and usability issues
• FIDO enables simpler, stronger authentication
capabilities that governments, businesses and
consumers can easily adopt at scale
1) Recognize that two-factor authentication
no longer brings higher burdens or costs
All Rights Reserved | FIDO Alliance | Copyright 201817
All Rights Reserved | FIDO Alliance | Copyright 201818
AS TECHNOLOGY EVOLVES,
POLICY NEEDS TO EVOLVE WITH IT.
• First recognized by the U.S. government (NIST) in 2014
• “OMB (White House) to update guidance on remote electronic
authentication” to remove requirements that one factor be
separate from the device accessing the resource
• The evolution of mobile devices – in particular, hardware
architectures that offer highly robust and isolated execution
environments (such as TEE, SE and TPM) – has allowed these
devices to achieve high-grade security without the need for a
physically distinct token
2) Recognize technology is now mature enough to enable
two secure, distinct authn factors in a single device
All Rights Reserved | FIDO Alliance | Copyright 201819
TECHNOLOGY IS NOW MATURE ENOUGH TO ENABLE TWO SECURE,
DISTINCT AUTHENTICATION FACTORS IN A SINGLE DEVICE
Europe and Payment Services
Directive 2 (PSD2)
• Original guidance (December 2015)
from the European Banking Authority
(EBA) was heavily weighted toward
OTP, considered prohibition of two
authentication factors delivered on
the same device.
• The emergence of FIDO prompted
EBA to revise its guidance – the final
version (November 2017) references
FIDO’s architecture for protecting
the independence of authentication
factors on multi-purpose devices
such as smart phones.
http://ec.europa.eu/finance/docs/level-2-measures/psd2-rts-2017-
7782_en.pdf
All Rights Reserved | FIDO Alliance | Copyright 201820
TECHNOLOGY IS NOW MATURE ENOUGH TO ENABLE TWO SECURE,
DISTINCT AUTHENTICATION FACTORS IN A SINGLE DEVICE
FIDO recognized at the highest Authenticator
Assurance Level (AAL3) by NIST
• NIST published a 2017 update to its digital
identity standards that reflects the emergence of
new standards like FIDO
• Both Universal 2 Factor (U2F) and
passwordless/UAF solutions were recognized as
being at the highest level of assurance for
authenticators.
https://pages.nist.gov/800-63-3/
All Rights Reserved | FIDO Alliance | Copyright 201821
AS TECHNOLOGY EVOLVES,
POLICY NEEDS TO EVOLVE WITH IT.
• The market is in the midst of a burst of innovation around authentication technology—
some solutions are better than others. Don’t build rules focused on old authentication
technology
• Old authentication technologies impose significant costs and burdens on the user—
which decreases adoption
• Old authentication technologies have security (i.e., phishable) and privacy issues—
putting both users and online service providers at risk
3) As governments promote or require strong authentication,
make sure it is the “right” authentication
All Rights Reserved | FIDO Alliance | Copyright 201822
AS TECHNOLOGY EVOLVES,
POLICY NEEDS TO EVOLVE WITH IT
Example: Taiwan
• Taiwan’s Financial Supervisory Commission (FSC) in December 2016
changed its e-Banking Security Control regulations to make clear:
Client-side biometrics are appropriate to use for e-Banking
applications
• Previous version: Pointed only to server-side biometric match;
emergence of FIDO prompted a change
3) As governments promote or require strong authentication,
make sure it is the “right” authentication
All Rights Reserved | FIDO Alliance | Copyright 201823
AS TECHNOLOGY EVOLVES,
POLICY NEEDS TO EVOLVE WITH IT
Example: US
• US Department of Veterans Affairs (VA)
▸ First US government citizen-facing application
(vets.gov) to support FIDO (September 2017)
• US Department of Defense (DoD)
▸ DoD CIO declares that U2F allowed as an alternative to
PKI – where PKI integration is not feasible (April 2017)
• US Senate
▸ Requests US Social Security Administration protect
citizen accounts with FIDO - instead of SMS or OTP
3) As governments promote or require strong authentication,
make sure it is the “right” authentication
Security
Privacy Interoperability
Usability
All Rights Reserved | FIDO Alliance | Copyright 201824
FIDO DELIVERS ON KEY POLICY PRIORITIES
All Rights Reserved | FIDO Alliance | Copyright 201825
QUESTIONS?
THANK YOU!

More Related Content

What's hot

Introduction to the FIDO Alliance: Vision & Status
Introduction to the FIDO Alliance: Vision & StatusIntroduction to the FIDO Alliance: Vision & Status
Introduction to the FIDO Alliance: Vision & Status
FIDO Alliance
 
FIDO Alliance Webinar: Catch Up WIth FIDO
FIDO Alliance Webinar: Catch Up WIth FIDOFIDO Alliance Webinar: Catch Up WIth FIDO
FIDO Alliance Webinar: Catch Up WIth FIDO
FIDO Alliance
 
FIDO UAF Adoption in Hong Kong
FIDO UAF Adoption in Hong KongFIDO UAF Adoption in Hong Kong
FIDO UAF Adoption in Hong Kong
FIDO Alliance
 
FIDO and Adaptive Authentication
FIDO and Adaptive AuthenticationFIDO and Adaptive Authentication
FIDO and Adaptive Authentication
FIDO Alliance
 
Webinar: Securing IoT with FIDO Authentication
Webinar: Securing IoT with FIDO AuthenticationWebinar: Securing IoT with FIDO Authentication
Webinar: Securing IoT with FIDO Authentication
FIDO Alliance
 
FIDO UAF and PKI in Asia: A Case Study and Recommendations
FIDO UAF and PKI in Asia: A Case Study and RecommendationsFIDO UAF and PKI in Asia: A Case Study and Recommendations
FIDO UAF and PKI in Asia: A Case Study and Recommendations
FIDO Alliance
 
FIDO Authentication and GDPR
FIDO Authentication and GDPRFIDO Authentication and GDPR
FIDO Authentication and GDPR
FIDO Alliance
 
Consumer Authentication Trends in APAC
Consumer Authentication Trends in APACConsumer Authentication Trends in APAC
Consumer Authentication Trends in APAC
FIDO Alliance
 
Introducing FIDO Device Onboard (FDO)
Introducing  FIDO Device Onboard (FDO)Introducing  FIDO Device Onboard (FDO)
Introducing FIDO Device Onboard (FDO)
FIDO Alliance
 
FIDO's Role in the Global Regulatory Landscape for Strong Authentication
FIDO's Role in the Global Regulatory Landscape for Strong AuthenticationFIDO's Role in the Global Regulatory Landscape for Strong Authentication
FIDO's Role in the Global Regulatory Landscape for Strong Authentication
FIDO Alliance
 
Introduction to the FIDO Alliance
Introduction to the FIDO AllianceIntroduction to the FIDO Alliance
Introduction to the FIDO Alliance
FIDO Alliance
 
FIDO & Strong Authentication Technology Landscape
FIDO & Strong Authentication Technology LandscapeFIDO & Strong Authentication Technology Landscape
FIDO & Strong Authentication Technology Landscape
FIDO Alliance
 
FIDO® for Government & Enterprise - Presentation
FIDO® for Government & Enterprise - PresentationFIDO® for Government & Enterprise - Presentation
FIDO® for Government & Enterprise - Presentation
FIDO Alliance
 
The State of FIDO
The State of FIDOThe State of FIDO
The State of FIDO
FIDO Alliance
 
FIDO Alliance Today: Status and News
FIDO Alliance Today: Status and NewsFIDO Alliance Today: Status and News
FIDO Alliance Today: Status and News
FIDO Alliance
 
Authenticate 2021: Welcome Address
Authenticate 2021: Welcome AddressAuthenticate 2021: Welcome Address
Authenticate 2021: Welcome Address
FIDO Alliance
 
Webinar: Considerations for Deploying FIDO in the Enterprise
Webinar: Considerations for Deploying FIDO in the EnterpriseWebinar: Considerations for Deploying FIDO in the Enterprise
Webinar: Considerations for Deploying FIDO in the Enterprise
FIDO Alliance
 
FIDO & PSD2: Solving the Strong Customer Authentication Challenge in Europe
FIDO & PSD2: Solving the Strong Customer Authentication Challenge in EuropeFIDO & PSD2: Solving the Strong Customer Authentication Challenge in Europe
FIDO & PSD2: Solving the Strong Customer Authentication Challenge in Europe
FIDO Alliance
 
FIDO as Regtech - Addressing Government Requirements
FIDO as Regtech - Addressing Government RequirementsFIDO as Regtech - Addressing Government Requirements
FIDO as Regtech - Addressing Government Requirements
FIDO Alliance
 
FIDO Alliance Vision and Status
FIDO Alliance Vision and StatusFIDO Alliance Vision and Status
FIDO Alliance Vision and Status
FIDO Alliance
 

What's hot (20)

Introduction to the FIDO Alliance: Vision & Status
Introduction to the FIDO Alliance: Vision & StatusIntroduction to the FIDO Alliance: Vision & Status
Introduction to the FIDO Alliance: Vision & Status
 
FIDO Alliance Webinar: Catch Up WIth FIDO
FIDO Alliance Webinar: Catch Up WIth FIDOFIDO Alliance Webinar: Catch Up WIth FIDO
FIDO Alliance Webinar: Catch Up WIth FIDO
 
FIDO UAF Adoption in Hong Kong
FIDO UAF Adoption in Hong KongFIDO UAF Adoption in Hong Kong
FIDO UAF Adoption in Hong Kong
 
FIDO and Adaptive Authentication
FIDO and Adaptive AuthenticationFIDO and Adaptive Authentication
FIDO and Adaptive Authentication
 
Webinar: Securing IoT with FIDO Authentication
Webinar: Securing IoT with FIDO AuthenticationWebinar: Securing IoT with FIDO Authentication
Webinar: Securing IoT with FIDO Authentication
 
FIDO UAF and PKI in Asia: A Case Study and Recommendations
FIDO UAF and PKI in Asia: A Case Study and RecommendationsFIDO UAF and PKI in Asia: A Case Study and Recommendations
FIDO UAF and PKI in Asia: A Case Study and Recommendations
 
FIDO Authentication and GDPR
FIDO Authentication and GDPRFIDO Authentication and GDPR
FIDO Authentication and GDPR
 
Consumer Authentication Trends in APAC
Consumer Authentication Trends in APACConsumer Authentication Trends in APAC
Consumer Authentication Trends in APAC
 
Introducing FIDO Device Onboard (FDO)
Introducing  FIDO Device Onboard (FDO)Introducing  FIDO Device Onboard (FDO)
Introducing FIDO Device Onboard (FDO)
 
FIDO's Role in the Global Regulatory Landscape for Strong Authentication
FIDO's Role in the Global Regulatory Landscape for Strong AuthenticationFIDO's Role in the Global Regulatory Landscape for Strong Authentication
FIDO's Role in the Global Regulatory Landscape for Strong Authentication
 
Introduction to the FIDO Alliance
Introduction to the FIDO AllianceIntroduction to the FIDO Alliance
Introduction to the FIDO Alliance
 
FIDO & Strong Authentication Technology Landscape
FIDO & Strong Authentication Technology LandscapeFIDO & Strong Authentication Technology Landscape
FIDO & Strong Authentication Technology Landscape
 
FIDO® for Government & Enterprise - Presentation
FIDO® for Government & Enterprise - PresentationFIDO® for Government & Enterprise - Presentation
FIDO® for Government & Enterprise - Presentation
 
The State of FIDO
The State of FIDOThe State of FIDO
The State of FIDO
 
FIDO Alliance Today: Status and News
FIDO Alliance Today: Status and NewsFIDO Alliance Today: Status and News
FIDO Alliance Today: Status and News
 
Authenticate 2021: Welcome Address
Authenticate 2021: Welcome AddressAuthenticate 2021: Welcome Address
Authenticate 2021: Welcome Address
 
Webinar: Considerations for Deploying FIDO in the Enterprise
Webinar: Considerations for Deploying FIDO in the EnterpriseWebinar: Considerations for Deploying FIDO in the Enterprise
Webinar: Considerations for Deploying FIDO in the Enterprise
 
FIDO & PSD2: Solving the Strong Customer Authentication Challenge in Europe
FIDO & PSD2: Solving the Strong Customer Authentication Challenge in EuropeFIDO & PSD2: Solving the Strong Customer Authentication Challenge in Europe
FIDO & PSD2: Solving the Strong Customer Authentication Challenge in Europe
 
FIDO as Regtech - Addressing Government Requirements
FIDO as Regtech - Addressing Government RequirementsFIDO as Regtech - Addressing Government Requirements
FIDO as Regtech - Addressing Government Requirements
 
FIDO Alliance Vision and Status
FIDO Alliance Vision and StatusFIDO Alliance Vision and Status
FIDO Alliance Vision and Status
 

Similar to Global Regulatory Landscape for Strong Authentication

Strong Authentication Trends in Government
Strong Authentication Trends in GovernmentStrong Authentication Trends in Government
Strong Authentication Trends in Government
FIDO Alliance
 
FIDO Webinar – A New Model for Online Authentication: Implications for Policy...
FIDO Webinar – A New Model for Online Authentication: Implications for Policy...FIDO Webinar – A New Model for Online Authentication: Implications for Policy...
FIDO Webinar – A New Model for Online Authentication: Implications for Policy...
FIDO Alliance
 
FIDO in Government
FIDO in GovernmentFIDO in Government
FIDO in Government
FIDO Alliance
 
BigData and Cybersecurity for Digital Finance and conclusions
BigData and Cybersecurity for Digital Finance and conclusionsBigData and Cybersecurity for Digital Finance and conclusions
BigData and Cybersecurity for Digital Finance and conclusions
Big Data Value Association
 
Introduction to FIDO Biometric Authentication
Introduction to FIDO Biometric AuthenticationIntroduction to FIDO Biometric Authentication
Introduction to FIDO Biometric Authentication
FIDO Alliance
 
apidays New York 2022 - Discussing the significance of API standardization, D...
apidays New York 2022 - Discussing the significance of API standardization, D...apidays New York 2022 - Discussing the significance of API standardization, D...
apidays New York 2022 - Discussing the significance of API standardization, D...
apidays
 
The Value of User and Data Centricity Beyond IoT Devices: Stein Myrseth and G...
The Value of User and Data Centricity Beyond IoT Devices: Stein Myrseth and G...The Value of User and Data Centricity Beyond IoT Devices: Stein Myrseth and G...
The Value of User and Data Centricity Beyond IoT Devices: Stein Myrseth and G...
ForgeRock
 
Aalto cyber-10.4.18
Aalto cyber-10.4.18Aalto cyber-10.4.18
Aalto cyber-10.4.18
japijapi
 
How Technology Impacts the Insurance Sector - Raymond Kairouz
How Technology Impacts the Insurance Sector - Raymond KairouzHow Technology Impacts the Insurance Sector - Raymond Kairouz
How Technology Impacts the Insurance Sector - Raymond Kairouz
sigortatatbikatcilari
 
FIDO Authentication in Hong Kong
FIDO Authentication in Hong KongFIDO Authentication in Hong Kong
FIDO Authentication in Hong Kong
FIDO Alliance
 
Dr K Subramanian
Dr K SubramanianDr K Subramanian
Dr K Subramanian
eletseditorial
 
Security for iot and cloud aug 25b 2017
Security for iot and cloud aug 25b 2017Security for iot and cloud aug 25b 2017
Security for iot and cloud aug 25b 2017
Ulf Mattsson
 
FIDO Authentication in Korea: Early Adoption & Rapid Innovation
FIDO Authentication in Korea: Early Adoption & Rapid InnovationFIDO Authentication in Korea: Early Adoption & Rapid Innovation
FIDO Authentication in Korea: Early Adoption & Rapid Innovation
FIDO Alliance
 
1ID2-KeyBank-CapitalOne.pptx
1ID2-KeyBank-CapitalOne.pptx1ID2-KeyBank-CapitalOne.pptx
1ID2-KeyBank-CapitalOne.pptx
ssuserc1c6091
 
Barcelona presentationv6
Barcelona presentationv6Barcelona presentationv6
Barcelona presentationv6
Mohan Venkataraman
 
8 trends of IoT in 2018
8 trends of IoT in 20188 trends of IoT in 2018
8 trends of IoT in 2018
Ahmed Banafa
 
Cloud Services As An Enabler: the Strategic, Legal & Pragmatic Approach
Cloud Services As An Enabler: the Strategic, Legal & Pragmatic ApproachCloud Services As An Enabler: the Strategic, Legal & Pragmatic Approach
Cloud Services As An Enabler: the Strategic, Legal & Pragmatic Approach
SLA-Ready Network
 
Social, political and technological considerations for national identity mana...
Social, political and technological considerations for national identity mana...Social, political and technological considerations for national identity mana...
Social, political and technological considerations for national identity mana...
Ravinder (Ravi) Singh
 
Smart Cards & Devices Forum 2013 - Protecting enterprise sensitive informatio...
Smart Cards & Devices Forum 2013 - Protecting enterprise sensitive informatio...Smart Cards & Devices Forum 2013 - Protecting enterprise sensitive informatio...
Smart Cards & Devices Forum 2013 - Protecting enterprise sensitive informatio...
OKsystem
 
The State of Strong Authentication
The State of Strong AuthenticationThe State of Strong Authentication
The State of Strong Authentication
FIDO Alliance
 

Similar to Global Regulatory Landscape for Strong Authentication (20)

Strong Authentication Trends in Government
Strong Authentication Trends in GovernmentStrong Authentication Trends in Government
Strong Authentication Trends in Government
 
FIDO Webinar – A New Model for Online Authentication: Implications for Policy...
FIDO Webinar – A New Model for Online Authentication: Implications for Policy...FIDO Webinar – A New Model for Online Authentication: Implications for Policy...
FIDO Webinar – A New Model for Online Authentication: Implications for Policy...
 
FIDO in Government
FIDO in GovernmentFIDO in Government
FIDO in Government
 
BigData and Cybersecurity for Digital Finance and conclusions
BigData and Cybersecurity for Digital Finance and conclusionsBigData and Cybersecurity for Digital Finance and conclusions
BigData and Cybersecurity for Digital Finance and conclusions
 
Introduction to FIDO Biometric Authentication
Introduction to FIDO Biometric AuthenticationIntroduction to FIDO Biometric Authentication
Introduction to FIDO Biometric Authentication
 
apidays New York 2022 - Discussing the significance of API standardization, D...
apidays New York 2022 - Discussing the significance of API standardization, D...apidays New York 2022 - Discussing the significance of API standardization, D...
apidays New York 2022 - Discussing the significance of API standardization, D...
 
The Value of User and Data Centricity Beyond IoT Devices: Stein Myrseth and G...
The Value of User and Data Centricity Beyond IoT Devices: Stein Myrseth and G...The Value of User and Data Centricity Beyond IoT Devices: Stein Myrseth and G...
The Value of User and Data Centricity Beyond IoT Devices: Stein Myrseth and G...
 
Aalto cyber-10.4.18
Aalto cyber-10.4.18Aalto cyber-10.4.18
Aalto cyber-10.4.18
 
How Technology Impacts the Insurance Sector - Raymond Kairouz
How Technology Impacts the Insurance Sector - Raymond KairouzHow Technology Impacts the Insurance Sector - Raymond Kairouz
How Technology Impacts the Insurance Sector - Raymond Kairouz
 
FIDO Authentication in Hong Kong
FIDO Authentication in Hong KongFIDO Authentication in Hong Kong
FIDO Authentication in Hong Kong
 
Dr K Subramanian
Dr K SubramanianDr K Subramanian
Dr K Subramanian
 
Security for iot and cloud aug 25b 2017
Security for iot and cloud aug 25b 2017Security for iot and cloud aug 25b 2017
Security for iot and cloud aug 25b 2017
 
FIDO Authentication in Korea: Early Adoption & Rapid Innovation
FIDO Authentication in Korea: Early Adoption & Rapid InnovationFIDO Authentication in Korea: Early Adoption & Rapid Innovation
FIDO Authentication in Korea: Early Adoption & Rapid Innovation
 
1ID2-KeyBank-CapitalOne.pptx
1ID2-KeyBank-CapitalOne.pptx1ID2-KeyBank-CapitalOne.pptx
1ID2-KeyBank-CapitalOne.pptx
 
Barcelona presentationv6
Barcelona presentationv6Barcelona presentationv6
Barcelona presentationv6
 
8 trends of IoT in 2018
8 trends of IoT in 20188 trends of IoT in 2018
8 trends of IoT in 2018
 
Cloud Services As An Enabler: the Strategic, Legal & Pragmatic Approach
Cloud Services As An Enabler: the Strategic, Legal & Pragmatic ApproachCloud Services As An Enabler: the Strategic, Legal & Pragmatic Approach
Cloud Services As An Enabler: the Strategic, Legal & Pragmatic Approach
 
Social, political and technological considerations for national identity mana...
Social, political and technological considerations for national identity mana...Social, political and technological considerations for national identity mana...
Social, political and technological considerations for national identity mana...
 
Smart Cards & Devices Forum 2013 - Protecting enterprise sensitive informatio...
Smart Cards & Devices Forum 2013 - Protecting enterprise sensitive informatio...Smart Cards & Devices Forum 2013 - Protecting enterprise sensitive informatio...
Smart Cards & Devices Forum 2013 - Protecting enterprise sensitive informatio...
 
The State of Strong Authentication
The State of Strong AuthenticationThe State of Strong Authentication
The State of Strong Authentication
 

More from FIDO Alliance

FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance
 
FIDO Alliance Osaka Seminar: LY-DOCOMO-KDDI-Mercari Panel.pdf
FIDO Alliance Osaka Seminar: LY-DOCOMO-KDDI-Mercari Panel.pdfFIDO Alliance Osaka Seminar: LY-DOCOMO-KDDI-Mercari Panel.pdf
FIDO Alliance Osaka Seminar: LY-DOCOMO-KDDI-Mercari Panel.pdf
FIDO Alliance
 
FIDO Alliance Osaka Seminar: NEC & Yubico Panel.pdf
FIDO Alliance Osaka Seminar: NEC & Yubico Panel.pdfFIDO Alliance Osaka Seminar: NEC & Yubico Panel.pdf
FIDO Alliance Osaka Seminar: NEC & Yubico Panel.pdf
FIDO Alliance
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance
 
FIDO Alliance Osaka Seminar: CloudGate.pdf
FIDO Alliance Osaka Seminar: CloudGate.pdfFIDO Alliance Osaka Seminar: CloudGate.pdf
FIDO Alliance Osaka Seminar: CloudGate.pdf
FIDO Alliance
 
FIDO Alliance Osaka Seminar: PlayStation Passkey Deployment Case Study.pdf
FIDO Alliance Osaka Seminar: PlayStation Passkey Deployment Case Study.pdfFIDO Alliance Osaka Seminar: PlayStation Passkey Deployment Case Study.pdf
FIDO Alliance Osaka Seminar: PlayStation Passkey Deployment Case Study.pdf
FIDO Alliance
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance
 
FIDO Alliance Osaka Seminar: Welcome Slides.pdf
FIDO Alliance Osaka Seminar: Welcome Slides.pdfFIDO Alliance Osaka Seminar: Welcome Slides.pdf
FIDO Alliance Osaka Seminar: Welcome Slides.pdf
FIDO Alliance
 
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
FIDO Alliance
 
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...
FIDO Alliance
 
How Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdf
How Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdfHow Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdf
How Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdf
FIDO Alliance
 
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
FIDO Alliance
 
Where to Learn More About FDO _ Richard at FIDO Alliance.pdf
Where to Learn More About FDO _ Richard at FIDO Alliance.pdfWhere to Learn More About FDO _ Richard at FIDO Alliance.pdf
Where to Learn More About FDO _ Richard at FIDO Alliance.pdf
FIDO Alliance
 
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
FIDO Alliance
 
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdfSimplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf
FIDO Alliance
 
Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf
Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdfLinux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf
Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf
FIDO Alliance
 
The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf
The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdfThe Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf
The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf
FIDO Alliance
 
Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf
Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdfIntroduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf
Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf
FIDO Alliance
 

More from FIDO Alliance (20)

FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
 
FIDO Alliance Osaka Seminar: LY-DOCOMO-KDDI-Mercari Panel.pdf
FIDO Alliance Osaka Seminar: LY-DOCOMO-KDDI-Mercari Panel.pdfFIDO Alliance Osaka Seminar: LY-DOCOMO-KDDI-Mercari Panel.pdf
FIDO Alliance Osaka Seminar: LY-DOCOMO-KDDI-Mercari Panel.pdf
 
FIDO Alliance Osaka Seminar: NEC & Yubico Panel.pdf
FIDO Alliance Osaka Seminar: NEC & Yubico Panel.pdfFIDO Alliance Osaka Seminar: NEC & Yubico Panel.pdf
FIDO Alliance Osaka Seminar: NEC & Yubico Panel.pdf
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
 
FIDO Alliance Osaka Seminar: CloudGate.pdf
FIDO Alliance Osaka Seminar: CloudGate.pdfFIDO Alliance Osaka Seminar: CloudGate.pdf
FIDO Alliance Osaka Seminar: CloudGate.pdf
 
FIDO Alliance Osaka Seminar: PlayStation Passkey Deployment Case Study.pdf
FIDO Alliance Osaka Seminar: PlayStation Passkey Deployment Case Study.pdfFIDO Alliance Osaka Seminar: PlayStation Passkey Deployment Case Study.pdf
FIDO Alliance Osaka Seminar: PlayStation Passkey Deployment Case Study.pdf
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
 
FIDO Alliance Osaka Seminar: Welcome Slides.pdf
FIDO Alliance Osaka Seminar: Welcome Slides.pdfFIDO Alliance Osaka Seminar: Welcome Slides.pdf
FIDO Alliance Osaka Seminar: Welcome Slides.pdf
 
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
 
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...
 
How Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdf
How Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdfHow Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdf
How Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdf
 
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
 
Where to Learn More About FDO _ Richard at FIDO Alliance.pdf
Where to Learn More About FDO _ Richard at FIDO Alliance.pdfWhere to Learn More About FDO _ Richard at FIDO Alliance.pdf
Where to Learn More About FDO _ Richard at FIDO Alliance.pdf
 
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
 
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdfSimplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf
 
Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf
Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdfLinux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf
Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf
 
The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf
The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdfThe Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf
The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf
 
Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf
Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdfIntroduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf
Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf
 

Recently uploaded

WPRiders Company Presentation Slide Deck
WPRiders Company Presentation Slide DeckWPRiders Company Presentation Slide Deck
WPRiders Company Presentation Slide Deck
Lidia A.
 
Advanced Techniques for Cyber Security Analysis and Anomaly Detection
Advanced Techniques for Cyber Security Analysis and Anomaly DetectionAdvanced Techniques for Cyber Security Analysis and Anomaly Detection
Advanced Techniques for Cyber Security Analysis and Anomaly Detection
Bert Blevins
 
find out more about the role of autonomous vehicles in facing global challenges
find out more about the role of autonomous vehicles in facing global challengesfind out more about the role of autonomous vehicles in facing global challenges
find out more about the role of autonomous vehicles in facing global challenges
huseindihon
 
Scaling Connections in PostgreSQL Postgres Bangalore(PGBLR) Meetup-2 - Mydbops
Scaling Connections in PostgreSQL Postgres Bangalore(PGBLR) Meetup-2 - MydbopsScaling Connections in PostgreSQL Postgres Bangalore(PGBLR) Meetup-2 - Mydbops
Scaling Connections in PostgreSQL Postgres Bangalore(PGBLR) Meetup-2 - Mydbops
Mydbops
 
Comparison Table of DiskWarrior Alternatives.pdf
Comparison Table of DiskWarrior Alternatives.pdfComparison Table of DiskWarrior Alternatives.pdf
Comparison Table of DiskWarrior Alternatives.pdf
Andrey Yasko
 
(CISOPlatform Summit & SACON 2024) Keynote _ Power Digital Identities With AI...
(CISOPlatform Summit & SACON 2024) Keynote _ Power Digital Identities With AI...(CISOPlatform Summit & SACON 2024) Keynote _ Power Digital Identities With AI...
(CISOPlatform Summit & SACON 2024) Keynote _ Power Digital Identities With AI...
Priyanka Aash
 
(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf
(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf
(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf
Priyanka Aash
 
BT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdf
BT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdfBT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdf
BT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdf
Neo4j
 
Password Rotation in 2024 is still Relevant
Password Rotation in 2024 is still RelevantPassword Rotation in 2024 is still Relevant
Password Rotation in 2024 is still Relevant
Bert Blevins
 
The Evolution of Remote Server Management
The Evolution of Remote Server ManagementThe Evolution of Remote Server Management
The Evolution of Remote Server Management
Bert Blevins
 
Acumatica vs. Sage Intacct vs. NetSuite _ NOW CFO.pdf
Acumatica vs. Sage Intacct vs. NetSuite _ NOW CFO.pdfAcumatica vs. Sage Intacct vs. NetSuite _ NOW CFO.pdf
Acumatica vs. Sage Intacct vs. NetSuite _ NOW CFO.pdf
BrainSell Technologies
 
RPA In Healthcare Benefits, Use Case, Trend And Challenges 2024.pptx
RPA In Healthcare Benefits, Use Case, Trend And Challenges 2024.pptxRPA In Healthcare Benefits, Use Case, Trend And Challenges 2024.pptx
RPA In Healthcare Benefits, Use Case, Trend And Challenges 2024.pptx
SynapseIndia
 
Active Inference is a veryyyyyyyyyyyyyyyyyyyyyyyy
Active Inference is a veryyyyyyyyyyyyyyyyyyyyyyyyActive Inference is a veryyyyyyyyyyyyyyyyyyyyyyyy
Active Inference is a veryyyyyyyyyyyyyyyyyyyyyyyy
RaminGhanbari2
 
How RPA Help in the Transportation and Logistics Industry.pptx
How RPA Help in the Transportation and Logistics Industry.pptxHow RPA Help in the Transportation and Logistics Industry.pptx
How RPA Help in the Transportation and Logistics Industry.pptx
SynapseIndia
 
Observability For You and Me with OpenTelemetry
Observability For You and Me with OpenTelemetryObservability For You and Me with OpenTelemetry
Observability For You and Me with OpenTelemetry
Eric D. Schabell
 
How to Build a Profitable IoT Product.pptx
How to Build a Profitable IoT Product.pptxHow to Build a Profitable IoT Product.pptx
How to Build a Profitable IoT Product.pptx
Adam Dunkels
 
Implementations of Fused Deposition Modeling in real world
Implementations of Fused Deposition Modeling  in real worldImplementations of Fused Deposition Modeling  in real world
Implementations of Fused Deposition Modeling in real world
Emerging Tech
 
Amul milk launches in US: Key details of its new products ...
Amul milk launches in US: Key details of its new products ...Amul milk launches in US: Key details of its new products ...
Amul milk launches in US: Key details of its new products ...
chetankumar9855
 
CHAPTER-8 COMPONENTS OF COMPUTER SYSTEM CLASS 9 CBSE
CHAPTER-8 COMPONENTS OF COMPUTER SYSTEM CLASS 9 CBSECHAPTER-8 COMPONENTS OF COMPUTER SYSTEM CLASS 9 CBSE
CHAPTER-8 COMPONENTS OF COMPUTER SYSTEM CLASS 9 CBSE
kumarjarun2010
 
Girls Call Churchgate 9910780858 Provide Best And Top Girl Service And No1 in...
Girls Call Churchgate 9910780858 Provide Best And Top Girl Service And No1 in...Girls Call Churchgate 9910780858 Provide Best And Top Girl Service And No1 in...
Girls Call Churchgate 9910780858 Provide Best And Top Girl Service And No1 in...
maigasapphire
 

Recently uploaded (20)

WPRiders Company Presentation Slide Deck
WPRiders Company Presentation Slide DeckWPRiders Company Presentation Slide Deck
WPRiders Company Presentation Slide Deck
 
Advanced Techniques for Cyber Security Analysis and Anomaly Detection
Advanced Techniques for Cyber Security Analysis and Anomaly DetectionAdvanced Techniques for Cyber Security Analysis and Anomaly Detection
Advanced Techniques for Cyber Security Analysis and Anomaly Detection
 
find out more about the role of autonomous vehicles in facing global challenges
find out more about the role of autonomous vehicles in facing global challengesfind out more about the role of autonomous vehicles in facing global challenges
find out more about the role of autonomous vehicles in facing global challenges
 
Scaling Connections in PostgreSQL Postgres Bangalore(PGBLR) Meetup-2 - Mydbops
Scaling Connections in PostgreSQL Postgres Bangalore(PGBLR) Meetup-2 - MydbopsScaling Connections in PostgreSQL Postgres Bangalore(PGBLR) Meetup-2 - Mydbops
Scaling Connections in PostgreSQL Postgres Bangalore(PGBLR) Meetup-2 - Mydbops
 
Comparison Table of DiskWarrior Alternatives.pdf
Comparison Table of DiskWarrior Alternatives.pdfComparison Table of DiskWarrior Alternatives.pdf
Comparison Table of DiskWarrior Alternatives.pdf
 
(CISOPlatform Summit & SACON 2024) Keynote _ Power Digital Identities With AI...
(CISOPlatform Summit & SACON 2024) Keynote _ Power Digital Identities With AI...(CISOPlatform Summit & SACON 2024) Keynote _ Power Digital Identities With AI...
(CISOPlatform Summit & SACON 2024) Keynote _ Power Digital Identities With AI...
 
(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf
(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf
(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf
 
BT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdf
BT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdfBT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdf
BT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdf
 
Password Rotation in 2024 is still Relevant
Password Rotation in 2024 is still RelevantPassword Rotation in 2024 is still Relevant
Password Rotation in 2024 is still Relevant
 
The Evolution of Remote Server Management
The Evolution of Remote Server ManagementThe Evolution of Remote Server Management
The Evolution of Remote Server Management
 
Acumatica vs. Sage Intacct vs. NetSuite _ NOW CFO.pdf
Acumatica vs. Sage Intacct vs. NetSuite _ NOW CFO.pdfAcumatica vs. Sage Intacct vs. NetSuite _ NOW CFO.pdf
Acumatica vs. Sage Intacct vs. NetSuite _ NOW CFO.pdf
 
RPA In Healthcare Benefits, Use Case, Trend And Challenges 2024.pptx
RPA In Healthcare Benefits, Use Case, Trend And Challenges 2024.pptxRPA In Healthcare Benefits, Use Case, Trend And Challenges 2024.pptx
RPA In Healthcare Benefits, Use Case, Trend And Challenges 2024.pptx
 
Active Inference is a veryyyyyyyyyyyyyyyyyyyyyyyy
Active Inference is a veryyyyyyyyyyyyyyyyyyyyyyyyActive Inference is a veryyyyyyyyyyyyyyyyyyyyyyyy
Active Inference is a veryyyyyyyyyyyyyyyyyyyyyyyy
 
How RPA Help in the Transportation and Logistics Industry.pptx
How RPA Help in the Transportation and Logistics Industry.pptxHow RPA Help in the Transportation and Logistics Industry.pptx
How RPA Help in the Transportation and Logistics Industry.pptx
 
Observability For You and Me with OpenTelemetry
Observability For You and Me with OpenTelemetryObservability For You and Me with OpenTelemetry
Observability For You and Me with OpenTelemetry
 
How to Build a Profitable IoT Product.pptx
How to Build a Profitable IoT Product.pptxHow to Build a Profitable IoT Product.pptx
How to Build a Profitable IoT Product.pptx
 
Implementations of Fused Deposition Modeling in real world
Implementations of Fused Deposition Modeling  in real worldImplementations of Fused Deposition Modeling  in real world
Implementations of Fused Deposition Modeling in real world
 
Amul milk launches in US: Key details of its new products ...
Amul milk launches in US: Key details of its new products ...Amul milk launches in US: Key details of its new products ...
Amul milk launches in US: Key details of its new products ...
 
CHAPTER-8 COMPONENTS OF COMPUTER SYSTEM CLASS 9 CBSE
CHAPTER-8 COMPONENTS OF COMPUTER SYSTEM CLASS 9 CBSECHAPTER-8 COMPONENTS OF COMPUTER SYSTEM CLASS 9 CBSE
CHAPTER-8 COMPONENTS OF COMPUTER SYSTEM CLASS 9 CBSE
 
Girls Call Churchgate 9910780858 Provide Best And Top Girl Service And No1 in...
Girls Call Churchgate 9910780858 Provide Best And Top Girl Service And No1 in...Girls Call Churchgate 9910780858 Provide Best And Top Girl Service And No1 in...
Girls Call Churchgate 9910780858 Provide Best And Top Girl Service And No1 in...
 

Global Regulatory Landscape for Strong Authentication

  • 1. All Rights Reserved | FIDO Alliance | Copyright 20181 GLOBAL REGULATORY LANDSCAPE FOR STRONG AUTHENTICATION DEVELOPMENTS IN POLICY, REGULATION AND GUIDANCE AROUND THE WORLD
  • 2. All Rights Reserved | FIDO Alliance | Copyright 20182 AUTHENTICATION IS IMPORTANT TO GOVERNMENTS 1. Protects access to government assets 2. Enables more high-value citizen-facing services 3. Empowers private sector to provide a wider range of high value services to consumers 4. Secures critical assets and infrastructure Governments seek identity solutions that can deliver not just improved Security – but also Privacy, Interoperability, and better Customer Experiences The right policies and standards are needed to enable this.
  • 3. FIDO IS IMPACTING HOW GOVERNMENTS THINK ABOUT AUTHENTICATION Priorities: • Ensuring that future online products and services coming into use are “secure by default” • Empowering consumers to “choose products and services that have built-in security as a default setting.” “[We will] invest in technologies like Trusted Platform Modules (TPM) and emerging industry standards such as Fast IDentity Online (FIDO), which do not rely on passwords for user authentication, but use the machine and other devices in the user’s possession to authenticate. The Government will test innovative authentication mechanisms to demonstrate what they can offer, both in terms of security and overall user experience.” All Rights Reserved | FIDO Alliance | Copyright 20183 https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/567242/ national_cyber_security_strategy_2016.pdf
  • 4. FIDO IS IMPACTING HOW GOVERNMENTS THINK ABOUT AUTHENTICATION U.S. Commission on Enhancing National Cybersecurity: • Bipartisan commission established by the White House in April – charged with crafting recommendations for the next President • Major focus on Authentication All Rights Reserved | FIDO Alliance | Copyright 20184
  • 5. US COMMISSION ON ENHANCING NATIONAL CYBERSECURITY “Other important work that must be undertaken to overcome identity authentication challenges includes the development of open-source standards and specifications like those developed by the Fast IDentity Online (FIDO) Alliance. FIDO specifications are focused largely on the mobile smartphone platform to deliver multifactor authentication to the masses, all based on industry standard public key cryptography. Windows 10 has deployed FIDO specifications (known as Windows Hello), and numerous financial institutions have adopted FIDO for consumer banking. Today, organizations complying with FIDO specifications are able to deliver secure authentication technology on a wide range of devices, including mobile phones, USB keys, and near- field communications (NFC) and Bluetooth low energy (BLE) devices and wearables. This work, other standards activities, and new tools that support continuous authentication provide a strong foundation for opt-in identity management for the digital infrastructure.” All Rights Reserved | FIDO Alliance | Copyright 20185 https://www.nist.gov/sites/default/files/documents/2016/12/02/cybersecurity-commission-report-final-post.pdf
  • 6. US – TREASURY SECRETARY MNUCHIN HIGHLIGHTS IMPORTANCE OF FIDO “Many of you have been working toward these goals for years now – the 2011 National Strategy for Trusted Identities in Cyberspace (NSTIC) charted a path for government to work with the private sector, developing an identity ecosystem that embraced these important principles – security, privacy, ease of use, and interoperability. “Out of NSTIC, we’ve seen great innovations through public-private partnerships. These include the emergence of FIDO authentication, where major firms in IT, software, device manufacturers, banking, health care and security have partnered with government - the National Institute of Standards and Technology in particular - to deliver on this vision. This has been done by creating new standards like FIDO and OpenID Connect that are being used today to enable more robust and secure authentication. “With these commitments from industry, we’re at the point where it will be hard for a consumer to buy a device or launch a browser that doesn’t support strong authentication out of the box. It’s an innovation – driven by industry and supported by government – that is improving security and transforming digital commerce.” All Rights Reserved | FIDO Alliance | Copyright 20186
  • 7. All Rights Reserved | FIDO Alliance | Copyright 20187 IDEA: AUTHENTICATION AS REGTECH
  • 8. WHAT IS REGTECH? RegTech: Technology that helps businesses comply with regulations efficiently and inexpensively. - A u s t r a l i a n S e c u r i t i e s a n d I n v e s t m e n t s C o m m i s s i o n ( A S I C ) -Or- RegTech: technology that seeks to provide “nimble, configurable, easy to integrate, reliable, secure and cost - effective” compliance solutions - D e l o i t t e 8 All Rights Reserved | FIDO Alliance | Copyright 2018
  • 9. AUTHN IS REGTECH…RIGHT? Nimble? Configurable? Easy to integrate? Cost effective?Secure? Reliable? 9 All Rights Reserved | FIDO Alliance | Copyright 2018
  • 10. All Rights Reserved | FIDO Alliance | Copyright 201810 OLD AUTHENTICATION - OTPS Old strong authentication required a separate channel or device… ONE-TIME PASSCODES Improve security but aren’t easy enough to use STILL PHISHABLE USER CONFUSION TOKEN NECKLACE SMS RELIABILITY1 1NIST SP800-63-3: “Out-of-band authentication using the [public switched telephone network] (SMS or voice) is discouraged and is being considered for removal in future editions of this guideline.”
  • 11. All Rights Reserved | FIDO Alliance | Copyright 201711 OLD AUTHENTICATION – SMART CARDS INCONVENIENT SMART CARDS OFFER STRONG CRYTOGRAPHIC SECURITY BUT… SMART CARDS Offer strong cryptographic security but are: COSTLY Old strong authentication required a separate channel or device… POOR BYOD SUPPORT
  • 12. THE AUTHN CHALLENGE Nimble Configurable Easy to integrate Cost effectiveSecure Reliable We need authentication solutions that can meet the “RegTech” definition - allowing better business models and customer experiences to flourish - without concerns about security, privacy and other compliance requirements 12 All Rights Reserved | FIDO Alliance | Copyright 2018
  • 13. All Rights Reserved | FIDO Alliance | Copyright 201813 AREAS OF INNOVATION + REGULATION •Digital Government •National IDs •eIDAS • GDPR • Stop 81% of breaches • EHR • Patient Access • Doctor Access • Payments + FinTech • PSD2 • KYC Financial Services Health Care eGov/ Citizen Services Privacy & Security
  • 14. All Rights Reserved | FIDO Alliance | Copyright 201814 AREAS OF INNOVATION + REGULATION • Digital Government • National IDs • eIDAS • GDPR • Stop 81% breaches • EHR • Patient Access • Doctor Access • Payments + FinTech • PSD2 • KYC Financial Services Health Care eGov/ Citizen Services Privacy & Security Compliance is driv ing a need for better authentication
  • 15. Security Privacy Interoperability Usability All Rights Reserved | FIDO Alliance | Copyright 201815 FIDO AS REGTECH FIDO delivers on key priorities
  • 16. All Rights Reserved | FIDO Alliance | Copyright 201816 FIDO IMPACT ON POLICY FIDO specifications offer governments newer, better options for strong authentication – but governments may need to update some policies to support the ways in which FIDO is different. As technology evolves, policy needs to evolve with it.
  • 17. AS TECHNOLOGY EVOLVES, POLICY NEEDS TO EVOLVE WITH IT. • While this statement was true of most “old” MFA technology, FIDO specifically addresses these cost and usability issues • FIDO enables simpler, stronger authentication capabilities that governments, businesses and consumers can easily adopt at scale 1) Recognize that two-factor authentication no longer brings higher burdens or costs All Rights Reserved | FIDO Alliance | Copyright 201817
  • 18. All Rights Reserved | FIDO Alliance | Copyright 201818 AS TECHNOLOGY EVOLVES, POLICY NEEDS TO EVOLVE WITH IT. • First recognized by the U.S. government (NIST) in 2014 • “OMB (White House) to update guidance on remote electronic authentication” to remove requirements that one factor be separate from the device accessing the resource • The evolution of mobile devices – in particular, hardware architectures that offer highly robust and isolated execution environments (such as TEE, SE and TPM) – has allowed these devices to achieve high-grade security without the need for a physically distinct token 2) Recognize technology is now mature enough to enable two secure, distinct authn factors in a single device
  • 19. All Rights Reserved | FIDO Alliance | Copyright 201819 TECHNOLOGY IS NOW MATURE ENOUGH TO ENABLE TWO SECURE, DISTINCT AUTHENTICATION FACTORS IN A SINGLE DEVICE Europe and Payment Services Directive 2 (PSD2) • Original guidance (December 2015) from the European Banking Authority (EBA) was heavily weighted toward OTP, considered prohibition of two authentication factors delivered on the same device. • The emergence of FIDO prompted EBA to revise its guidance – the final version (November 2017) references FIDO’s architecture for protecting the independence of authentication factors on multi-purpose devices such as smart phones. http://ec.europa.eu/finance/docs/level-2-measures/psd2-rts-2017- 7782_en.pdf
  • 20. All Rights Reserved | FIDO Alliance | Copyright 201820 TECHNOLOGY IS NOW MATURE ENOUGH TO ENABLE TWO SECURE, DISTINCT AUTHENTICATION FACTORS IN A SINGLE DEVICE FIDO recognized at the highest Authenticator Assurance Level (AAL3) by NIST • NIST published a 2017 update to its digital identity standards that reflects the emergence of new standards like FIDO • Both Universal 2 Factor (U2F) and passwordless/UAF solutions were recognized as being at the highest level of assurance for authenticators. https://pages.nist.gov/800-63-3/
  • 21. All Rights Reserved | FIDO Alliance | Copyright 201821 AS TECHNOLOGY EVOLVES, POLICY NEEDS TO EVOLVE WITH IT. • The market is in the midst of a burst of innovation around authentication technology— some solutions are better than others. Don’t build rules focused on old authentication technology • Old authentication technologies impose significant costs and burdens on the user— which decreases adoption • Old authentication technologies have security (i.e., phishable) and privacy issues— putting both users and online service providers at risk 3) As governments promote or require strong authentication, make sure it is the “right” authentication
  • 22. All Rights Reserved | FIDO Alliance | Copyright 201822 AS TECHNOLOGY EVOLVES, POLICY NEEDS TO EVOLVE WITH IT Example: Taiwan • Taiwan’s Financial Supervisory Commission (FSC) in December 2016 changed its e-Banking Security Control regulations to make clear: Client-side biometrics are appropriate to use for e-Banking applications • Previous version: Pointed only to server-side biometric match; emergence of FIDO prompted a change 3) As governments promote or require strong authentication, make sure it is the “right” authentication
  • 23. All Rights Reserved | FIDO Alliance | Copyright 201823 AS TECHNOLOGY EVOLVES, POLICY NEEDS TO EVOLVE WITH IT Example: US • US Department of Veterans Affairs (VA) ▸ First US government citizen-facing application (vets.gov) to support FIDO (September 2017) • US Department of Defense (DoD) ▸ DoD CIO declares that U2F allowed as an alternative to PKI – where PKI integration is not feasible (April 2017) • US Senate ▸ Requests US Social Security Administration protect citizen accounts with FIDO - instead of SMS or OTP 3) As governments promote or require strong authentication, make sure it is the “right” authentication
  • 24. Security Privacy Interoperability Usability All Rights Reserved | FIDO Alliance | Copyright 201824 FIDO DELIVERS ON KEY POLICY PRIORITIES
  • 25. All Rights Reserved | FIDO Alliance | Copyright 201825 QUESTIONS? THANK YOU!

Editor's Notes

  1. “thumbs down is a stand-in icon
  2. To sum up, FIDO delivers on all of these key priorities: security, usability, privacy and interoperability. Some additional points on privacy: There’s no 3rd party in the protocol so you don’t have to worry about correlation handles or any third-party watching where users are authenticating. It’s direct from the device to the application. There are no shared secrets stored on the server, which saves you in the case of a data breach of that server. If used, biometric data must never leave the device, which is privacy preserving. That’s a requirement of FIDO certification. One of the biggest benefits of the FIDO design is that there’s no new link-ability or identifier in a FIDO device – no new way to track a user or link their behavior across applications. There isn’t even a way to link that user across different accounts on the same system. Cookie methods still exist, but nothing new that’s being delivered by FIDO.