Downloaded 188 times
Uploaded byFIDO Alliance
Introduction to FIDO Alliance
The FIDO Alliance addresses the growing problem of data breaches resulting from compromised credentials, promoting a new authentication model that utilizes public key cryptography instead of traditional passwords. This model enhances security, preserves user privacy, and improves user experience by eliminating shared secrets and minimizing data theft risks. With over 250 member organizations, the FIDO Alliance aims to establish open standards for secure online authentication and has seen significant adoption of its certified products in the market.
More Related Content
Similar to Introduction to FIDO Alliance
More from FIDO Alliance
![[BDD 2025 - Full-Stack Development] Digital Accessibility: Why Developers nee...](https://cdn.slidesharecdn.com/ss_thumbnails/fs-digitalaccessibilitywhydevelopersneedtoknowandcarein2025-251127011019-0674441d-thumbnail.jpg?width=640&height=640&fit=bounds)
![[BDD 2025 - Mobile Development] Exploring Apple’s On-Device FoundationModels](https://cdn.slidesharecdn.com/ss_thumbnails/md-exploringappleson-devicefoundationmodels-251124030840-d690542c-thumbnail.jpg?width=640&height=640&fit=bounds)
![Support, Monitoring, Continuous Improvement & Scaling Agentic Automation [3/3]](https://cdn.slidesharecdn.com/ss_thumbnails/agenticcommunityseries-day3-cfd-251120170304-ddef8112-thumbnail.jpg?width=640&height=640&fit=bounds)
![[BDD 2025 - Mobile Development] Crafting Immersive UI with E2E and AGSL Shade...](https://cdn.slidesharecdn.com/ss_thumbnails/md-craftingimmersiveuiwithe2eandagslshaderveronicaputrianggraini-251124030840-0c677f44-thumbnail.jpg?width=640&height=640&fit=bounds)
![[BDD 2025 - Artificial Intelligence] AI for the Underdogs: Innovation for Sma...](https://cdn.slidesharecdn.com/ss_thumbnails/ai-aifortheunderdogsinnovationforsmallbusinesses-251124030839-72a599a4-thumbnail.jpg?width=640&height=640&fit=bounds)
![[BDD 2025 - Full-Stack Development] The Modern Stack: Building Web & AI Appli...](https://cdn.slidesharecdn.com/ss_thumbnails/fs-themodernstackbuildingwebaiapplicationswithserverless-251124030844-388cf04f-thumbnail.jpg?width=640&height=640&fit=bounds)
Introduction to FIDO Alliance
- 1. INTRODUCTION TO FIDOALLIANCE Brett McDowell, Executive Director brett@fidoalliance.org All Rights Reserved. FIDO Alliance. Copyright 2016.
- 2. The Problem The Solution TheAlliance The Market
- 3. 781 data breachesin 2015 Data Breaches… 170 million records in 2015 (up 50%) $3.8 million cost/breach (up 23% f/2013) All Rights Reserved. FIDO Alliance. Copyright 2016. 3
- 4. “95% of theseincidents involve harvesting credentials stolen from customer devices, then logging into web applications with them.” 2015 Data Breach Investigations Report
- 5. “A look throughthe details of these incidents shows a common sequence of phish customer ≥ get credentials ≥ abuse web application ≥ empty bank/bitcoin account.” 2015 Data Breach Investigations Report
- 6. The world hasa PASSWORD PROBLEM 5Confidential
- 7. ONE-TIME PASSCODES Improve securitybut aren’t easy enough to use Still Phishable User Confusion Token Necklace SMS Reliability 6Confidential All Rights Reserved. FIDO Alliance. Copyright 2016. 7
- 8. The world hasa “SHARED SECRETS” PROBLEM 5Confidential
- 9. WE NEED A NEWMODEL All Rights Reserved. FIDO Alliance. Copyright 2016. 9
- 10. The Problem The Solution TheAlliance The Market
- 11. THE NEW MODEL FastIDentity Online online authentication using public key cryptography
- 12.
- 13. THE FIDO PARADIGM Poor Easy WeakStrongUSABILITY SECURITY All Rights Reserved. FIDO Alliance. Copyright 2016. 13
- 14. HOW “Shared Secrets”WORK ONLINE The user authenticates themselves online by presenting a human-readable “shared secret”
- 15. HOW FIDO WORKS AUTHENTICATOR LOCALONLINE The user authenticates “locally” to their device (by various means) The device authenticates the user online using public key cryptography All Rights Reserved. FIDO Alliance. Copyright 2016. 15
- 16. FIDO Registration Invitation SentNew Keys Created Pubic Key Registered With Online Server User is in a Session Or New Account Flow 1 2 3 4 Registration Complete User Approval All Rights Reserved. FIDO Alliance. Copyright 2016. 16
- 17. Login Complete FIDO Authentication FIDOChallenge Key Selected & Signs Signed Response verified using Public Key Cryptography User needs to login or authorize a transaction 1 2 3 4 User Approval All Rights Reserved. FIDO Alliance. Copyright 2016. 17
- 18. OPEN STANDARDS R.O.I. FIDO-ENABLE ONCE GAIN EVERY DEVICE YOU TRUST NO MORE ONE-OFF INTEGRATIONS All Rights Reserved. FIDO Alliance. Copyright 2016. 18
- 19. USABILITY, SECURITY, R.O.I. and PRIVACY AllRights Reserved. FIDO Alliance. Copyright 2016. 19
- 20. No 3rd Partyin the Protocol No Secrets on the Server Side Biometric Data (if used) Never Leaves Device No Link-ability Between Services No Link-ability Between Accounts
- 21. FIDO Delivers onKey Priorities Security • Authentication using strong asymmetric Public Key cryptography • Superior to old “shared secrets” model – there is nothing to steal on the server • Biometrics as second factor Privacy • Privacy architected in up front; supports EU Privacy Principles, other national privacy initiatives • No linkability or tracking • Biometric data never leaves device • Consumer control and consent Interoperability • Open standards: FIDO 2.0 specs are in W3C standardization process • FIDO compliance/ conformance testing to ensure interoperability of “FIDO certified” products Usability • Designed with the user experience (UX) first – with a goal of making authentication as easy as possible. • Security built to support the user’s needs, not the other way around
- 22. Better security foronline services Reduced cost for the enterprise Simpler and safer for consumers All Rights Reserved. FIDO Alliance. Copyright 2016. 22
- 23. The Problem The Solution TheAlliance The Market
- 24. The FIDO Allianceis an open industry association of over 250 organizations with a focused mission: authentication standards
- 25. Physical-to-digital identity User Management Authentication Federation Single Sign-On PasswordsRisk-BasedStrong MODERN AUTHENTICATION FIDO SCOPE
- 26. FIDO Alliance Mission Develop Specifications Operate AdoptionPrograms Pursue Formal Standardization 1 2 3
- 27. Board Members All RightsReserved. FIDO Alliance. Copyright 2016.
- 28. Sponsor Members All RightsReserved. FIDO Alliance. Copyright 2016. 28
- 29. Associate Members All RightsReserved. FIDO Alliance. Copyright 2016. 29
- 30. Government & Research 30 30AllRights Reserved. FIDO Alliance. Copyright 2016.
- 31.
- 32. FIDO DEVELOPMENT TIMELINE FIDO1.0 FINALFirst DeploymentsSpecification Review Draft FIDO Ready Program Alliance Announced FEB 2013 DEC 2013 FEB 2014 FEB-OCT 2014 DEC 2014 MAY 2015 NOV 2015 Submission of FIDO Web API into W3C JUNE 2015 Certification Program New U2F Transports All Rights Reserved. FIDO Alliance. Copyright 2016. 32
- 33. The Problem The Solution TheAlliance The Market
- 34. All Rights Reserved.FIDO Alliance. Copyright 2016. EXAMPLE: PAYPAL & SAMSUNG (FIDO DEPLOYMENT #1) Value Proposition Video 34
- 35. PayPal All Rights Reserved.FIDO Alliance. Copyright 2016. 35
- 36. More FIDO Adoption/Announcements AllRights Reserved. FIDO Alliance. Copyright 2016. 36
- 37. Deployments are enabledby over 200 FIDO® Certified products available today All Rights Reserved. FIDO Alliance. Copyright 2016. 37
- 38. Certification Growth 38 151 62 32 62 74 108 159 213 Apr-15 Jul-15Sep-15 Dec-15 Mar-16 May-16 TOTAL All Rights Reserved. FIDO Alliance. Copyright 2016.
- 39. 39All Rights Reserved.FIDO Alliance. Copyright 2016.
- 40. Leading OEMs ShippingFIDO Certified Devices S5, Mini Alpha Note 4,5 Note Edge Tab S, Tab S2 S6, S6 Edge S7, S7 Edge Vernee Thor Aquos Zeta Xperia Z5 Xperia Z5 Compact Xperia Z5 Premium Mate 8 V10 G5 Phab2 Pro Phab2 Plus Z2, Z2 ProArrows NX Arrows Fit Arrows Tab All Rights Reserved. FIDO Alliance. Copyright 2016. 40
- 41. iPhone 5s iPhone6, 6+ iPad Air 2, Mini 3 iPhone 6s, 6s+ iPad Mini 4 iPad Pro FIDO Applications Now Run on iOS Supported iOS Fingerprint Devices All Rights Reserved. FIDO Alliance. Copyright 2016. 41
- 42.
- 43.
- 44. THANK YOU! QUESTIONS? brett@fidoalliance.org |info@fidoalliance.org All Rights Reserved. FIDO Alliance. Copyright 2016.
Editor's Notes
- #4 Source of 781 breaches in 2015 = Identity Theft Resource Center Breach Report Source of 170m records exposed in 2015 = Identity Theft Resource Center Breach Report (note >66% of these in healthcare) Source of $3.8m / breach in 2015 = Ponemon Institute Cost of Data Breach Study
- #5 Source: 2015 Data Breach Investigations Report published by Verizon with contributions from 70 organizations around the world.
- #6 Source: 2015 Data Breach Investigations Report published by Verizon with contributions from 70 organizations around the world.
- #7 But what specifically makes passwords such a problem? (lead into next slide)
- #8 The only thing worse than a password is two passwords. SMS is not always available / dedicated hardware is often service-specific / it’s cumbersome process users generally don’t like / and it is still vulnerable to phishing (it is still a symmetric shared secret, just short-lived, but malware tools have adjusted to this)
- #9 But what specifically makes passwords such a problem? (lead into next slide)
- #12 User convenience is so important that we put it in the very name of the technology itself - the “F” in FIDO stands for Fast. Historically, “Fast” has always meant “Weak” – but it’s important to understand that FIDO was designed from the ground up to provide privacy protections in addition to providing strong authentication. Fundamentally, the solution that we developed replaces passwords, which are over 50 years old, with modern public key cryptography.
- #28 AMEX, VASCO and INFINEON announced today
- #31 One more prominent EU government agency is about to be announced.
- #32 One more prominent EU government agency is about to be announced.
- #41 We support a growing number of fingerprint enabled Android devices that have in-built UAF capabilities Most of the new Samsung high devices with FPSs support UAF Newer devices from Fujitsu, Sharp and Sony increasingly include UAF support out of the box Fujitsu Arrows NX supports UAF-enabled iris authentication. We will see other types of authenticators also appear in coming devices We support the Android M fingerprint API Apart from these devices with native FIDO UAF support, we also support virtually any non-FPS Android device running Kit Kat or newer using an embedded UAF PIN authenticator.
- #42 We support all Touch ID enabled iOS devices These devices don’t have native FIDO UAF support We have built a UAF authenticator using the Touch ID API and the secure enclave We also support non-Touch ID devices(Eg iPhone 4s and 5) running iOS 8 or higher using device passcode (PIN) authenticator