Expected Use Cases of FIDO Authentication for Social Applications | FIDO Alliance
Expected Use Cases of FIDO Authentication for Social Applications by Naohisa Ichihara, LINE
- Presented at FIDO Seoul Public Seminar on December 5th, 2018
The General Data Protection Regulation (GDPR) came into effect earlier this year, ushering in the most significant change to European data protection laws in twenty years. The regulation impacts not only firms resident in the European Union (EU), but firms around the world, as any organization doing business with EU citizens must comply with the regulation.
FIDO Alliance standards were created from the outset with a “privacy by design” approach and are a strong fit for GDPR compliance. Crucially, FIDO delivers authentication with no third-party involvement or tracking between accounts and services. And when it comes to biometrics, FIDO standards prevent this information from being stored and matched in servers – it never leaves the user’s device – and FIDO(R) Certified devices do not allow for any biometric data to be captured.
This presentation includes:
- Key GDPR considerations when deploying strong authentication
- Where FIDO Authentication relates to GDPR articles on data protection, consent of data subject and data subject rights
- How FIDO can help your organization meet GDPR requirements
Presented at GSMA Mobile Connect + FIDO Alliance: The Future of Strong Authentication
By: Rolf Lindemann, Senior Director of Technology and Products, Nok Nok Labs
FIDO Certified Program: The Value of Certification | FIDO Alliance
A look at the FIDO Certification program, including functional, authenticator and biometric certification; the value of certification for relying parties and vendors; and how to get started.
David Pollington, Head of Applications and Services at GSMA joins Bjorn Hjelm, Distinguished Member of Technical Staff at Verizon, to discuss Strong Authentication - Mobile Connect and FIDO.
FIDO & PSD2: Solving the Strong Customer Authentication Challenge in Europe | FIDO Alliance
The PSD2 (the Revised Payment Service Directive) from the European Commission requires financial institutions to deploy Strong Customer Authentication. FIDO offers a solution to the challenges created by this new regulation.
FIDO Authentication and GSMA Mobile Connect | FIDO Alliance
A detailed look at GSMA's Mobile Connect Program and how they are testing the addition of FIDO's biometric authentication to further strengthen the offering.
Introduction to FIDO Biometric Authentication | FIDO Alliance
The model of password authentication is broken. FIDO is a new approach to authentication, including a modality for biometric authentication. Learn about the specification and the clear benefits of adding FIDO Authentication to Device APIs.
An overview of the Alliance, the password problem we are addressing, how FIDO is addressing it, the new ecosystem we are creating and the road ahead.
The Second Payment Services Directive (PSD2) and the associated Regulatory Technical Standards (RTS) on strong customer authentication and secure communication impose stringent requirements on multi-factor authentication and on the security of implementations. Payment Service Providers will want to know whether the authentication solutions they put in place conform to the RTS both in terms of functionality and security.
The FIDO Alliance standards are based on multi-factor authentication and are a strong fit for PSD2 compliance. The FIDO Alliance’s certification program provides an independent evaluation of functional compliance to the standards as well as of the achieved level of security of FIDO authenticators.
Featuring industry experts, this presentation explores how FIDO can resolve key issues, including:
• How the FIDO standards conform to the RTS
• How FIDO’s certification program guarantees this conformity
• How FIDO’s certification program provides for the mandatory security evaluation imposed by the RTS
FIDO Alliance Webinar: Intuit's Journey with FIDO Authentication | FIDO Alliance
Millions of customers trust Intuit with their most sensitive financial information. With that in mind, Intuit recently rolled out FIDO Authentication on its mobile apps to provide additional layers of security while simultaneously making the user experience more convenient. In this webinar, Marcio Mello, director & head of Product Management – Intuit Identity & Profile Platform, presents Intuit’s approach to enable FIDO Authentication, including:
--Intuit’s priorities in choosing a mobile strong authentication solution
--The steps Intuit took to evaluate strong authentication solutions that met its security and usability requirements
--Intuit’s evaluation of FIDO authentication vendors and solution chosen
--The steps Intuit took to roll out FIDO Authentication, challenges faced and how they were overcome
--Intuit’s login time and security results after deploying FIDO
--Intuit’s advice for other service providers deploying FIDO
Speakers:
Marcio Mello, Director & Head of Product Management – Intuit Identity & Profile Platform
Andrew Shikiar, Executive Director & CMO, FIDO Alliance
Consul Connect - EPAM SEC - 22nd September 2018 | Peter Souter
A service mesh is necessary for organizations adopting microservices and dynamic cloud-native infrastructure. Traditional host-based network security must be replaced with modern service-based security to accommodate the highly dynamic nature of modern runtime environments. In this talk, we will look at Connect, a significant new feature in Consul that provides secure service-to-service communication with automatic TLS encryption and identity-based authorization. We will look at the features of Connect, how to enable Connect in an existing Consul cluster and how easy it is to secure service-to-service communication using Connect.
apidays LIVE Hong Kong 2021 - Digital Identity Centric Approach to Accelerate... | apidays
apidays LIVE Hong Kong 2021 - API Ecosystem & Data Interchange
August 25 & 26, 2021
Digital Identity Centric Approach to Accelerate HKMA OpenAPI Phase3/4 Compliance
Ajay Biyani, Regional Vice President, ASEAN at ForgeRock
Unified Security Architectures for Web and WAP | Oliver Pfaff
ISSE - Information Security Solutions Europe. London (London, 2001)
SSL/TLS, X509v3, PKIX, PKCS#7/11 and WTLS, WPKI, WMLSCrypt, WIM; many buzzwords come along with security technologies for E- and M-Business. Their diversity appears to create a general impression that different means of service provision such as Web and WAP lead to distinct security architectures.
From a business process owner point-of-view, different service provision technologies – e.g. supplying classical Web-based or emerging wireless services – are often means to deliver the same business process. From this perspective, the security architecture complexity should correlate with the diversity of provided business services rather than the diversity of service provisioning means.
Emerging mobile network technologies such as GPRS and UMTS as well as continuously improving handset capabilities are likely to cause the alignment of WAP approaches towards Web technologies. Thus, security architectures that exploit synergies are important to protect investments.
This contribution examines the question of whether and to what extent unified security architectures for Web and WAP are possible. Emphasis is placed on infrastructure aspects such as PKI and security tokens as well as network access systems. Unified security architectures that deviate only on a need-to basis are encouraged.
[WSO2Con EU 2017] Building Smart, Connected Products with WSO2 IoT Platform | WSO2
WSO2 IoT Platform is one of the most adaptive Apache licensed open source IoT platforms available today. This slide deck discusses best of breed technologies WSO2 IoT Platform offers for device manufacturers to develop connected products as well as rich integration and smart analytics capabilities for system integrators to adopt devices into systems they build.
Distributed architectures make security difficult. JWT, OAuth2 and OIDC are standards that help in securing microservices. Microservices are deployed as containers. So container security too is critical to secure microservices. Learn how to holistically secure microservices.
When communicating over public networks it is essential to send and receive information securely. The protocol widely used to secure these communications is SSL/TLS. (SSL/TLS refers to Secure Sockets Layer or to its successor, TLS, or Transport Layer Security). SSL/TLS uses digital certificates to provide authentication and encryption. To trust that a certificate is genuine and valid, it is digitally signed by a root certificate belonging to a trusted certificate authority (CA). Operating systems and browsers maintain lists of trusted CA root certificates so that they can easily verify certificates that the CAs have issued and signed.
CIS14: FIDO 101 (What, Why and Wherefore of FIDO) | CloudIDSummit
Rajiv Dholakia, Nok Nok Labs
Basics of how FIDO protocols work, how they fit into the broader identity ecosystem, the benefits of the design and the state of implementation/deployment in the market; appropriate for both technical and non-technical individuals, giving orientation before diving into the details of the specific FIDO protocols.
CIS 2015-Putting Control Back in the Users’ Hands- David Pollington | CloudIDSummit
With the growing threat and public concern around the use of legacy username/password mechanisms for authentication and authorisation, many are now turning to the mobile phone as a way of providing solutions that are convenient and provide peace of mind for the user as well as meeting the security requirements and expectations of both Service Providers and Government/Regulatory Bodies keen to protect the interests of citizens. We’ll look at the role the mobile phone (and mobile operator) can play in supporting a wide range of different use cases bringing together industry initiatives such as GSMA Mobile Connect and the FIDO Alliance.
Despite advances in security, hackers continue to break through network defenses. In this hour-long webinar, network security specialist Catherine Paquet will examine the favorite methods and targets of hackers and will introduce you to the different categories of security technologies. In this foundational presentation, you will learn about the benefits of security solutions such as firewalls, VPNs, IPS, identity services and BYOD.
Building a Fool Proof Security Strategy for PSD2 Compliance | WSO2
PSD2 is centered around exposing sensitive customer data. This means the security measures you take to expose this data cannot have any loopholes. Just like your API management strategy, your security strategy is critical to implementing successful compliance.
WSO2 Open Banking comes with inbuilt capabilities to support Strong Customer Authentication (SCA) and access management. Built around the key requirements of the Regulatory Technical Standards (RTS) it provides the end to end security requirements for compliance, while ensuring that customer experience is not compromised.
This webinar will cover:
- The key requirements of the RTS for PSD2 Compliance - Strong Customer Authentication (SCA), federated authentication, consent management and more
- The capabilities of WSO2 Open Banking to meet these security requirements
- How to ensure a secure yet frictionless customer experience
- A demonstration of WSO2 Open Banking
FIWARE Global Summit - Building Production Grade IoT Platform Leveraging FIWARE | FIWARE
Presentation by Parwinder Singh (Technical Specialist, NEC Technologies India Pvt Ltd.) and Satinder Jeet Singh (Group Project Manager, NEC Technologies India Pvt Ltd.)
FIWARE Global Summit
23-24 October 2019 - Berlin, Germany
Meet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdf | Florence Consulting
Fourteenth Milan Meetup, held in Milan on May 23, 2024 from 5:00 pm to 6:30 pm, in person and remotely.
We discussed how Axpo Italia S.p.A. reduced its technical debt by migrating its APIs from Mule 3.9 to Mule 4.4, while also moving from on-premises to CloudHub 1.0.
Bridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptx | Brad Spiegel Macon GA
Brad Spiegel Macon GA’s journey exemplifies the profound impact that one individual can have on their community. Through his unwavering dedication to digital inclusion, he’s not only bridging the gap in Macon but also setting an example for others to follow.
1.Wireless Communication System_Wireless communication is a broad term that i... | JeyaPerumal1
Wireless communication involves the transmission of information over a distance without the help of wires, cables or any other forms of electrical conductors.
Wireless communication is a broad term that incorporates all procedures and forms of connecting and communicating between two or more devices using a wireless signal through wireless communication technologies and devices.
Features of Wireless Communication
The evolution of wireless technology has brought many advancements with its effective features.
The transmitted distance can be anywhere between a few meters (for example, a television's remote control) and thousands of kilometers (for example, radio communication).
Wireless communication can be used for cellular telephony, wireless access to the internet, wireless home networking, and so on.
Italy Agriculture Equipment Market Outlook to 2027 | harveenkaur52
Agriculture and Animal Care
Ken Research has expertise in the Agriculture and Animal Care sector and offers a vast collection of information related to all major aspects such as Agriculture equipment, Crop Protection, Seed, Agriculture Chemical, Fertilizers, Protected Cultivators, Palm Oil, Hybrid Seed, Animal Feed additives and many more.
Our continuous study and findings in agriculture sector provide better insights to companies dealing with related product and services, government and agriculture associations, researchers and students to well understand the present and expected scenario.
Our Animal care category provides solutions on Animal Healthcare and related products and services, including, animal feed additives, vaccination
3. -2-
1. Overview
A. Global Authentication Trends
Top 5 Authentication Trends (RSA)
Source : RSA (https://www.rsa.com/en-us/blog/2017-09/top-5-authentication-trends-in-2017)
- Modern methods for modern workstyles
- SSO keeping pace with growth in cloud and mobility
- Standards-based authentication
- Biometrics that live up to the hype
- Device-level Trust
Need for a consumer-simple experience
FIDO is the best practice as recent authentication technology
4. -3-
1. Overview
B. CrossCertFIDO®
What is CrossCertFIDO® ?
Component:
- CrosscertFIDO Client (Android)
- CrosscertFIDO Authenticator (Android)
- CrosscertFIDO Client&Authenticator (iOS)
- CrosscertFIDO Server
- CrosscertFIDO Server Admin
Features:
- FIDO Deregistration
- FIDO Transaction Confirmation
- FIDO Authentication
- FIDO Registration
Supports Easy, Fast and Secure Authentication to End-User
CrosscertFIDO
5. -4-
1. Overview
B. CrossCertFIDO®
What is CrossCertFIDO® ? – K-FIDO
FIDO Client FIDO Server
Certificate Authority (CA)
Issue Accredited Certificate
FIDO Authentication
(incl. signed data generated by accredited certificate)
Verify Accredited Certificate
Easy-Using Accredited Certificate without password
7. -6-
2. Challenge
A. Trend
On-line banking service trend in Korea
69 Millions Internet Banking Subscribers
66 Millions Mobile Banking Subscribers
Source : The Bank of Korea (2018) Source : Korea Consumer Agency (2016.12)
8. -7-
2. Challenge
B. Issue
Hard to use Accredited Certificate in National PKI (NPKI)
Highly susceptible to theft and misuse (such as for account hijacking)
User Authentication
Inputting a password on a mobile device is very difficult and time consuming
Password Memorization Inconvenience
Message Integrity
Non-Repudiation
NPKI
9. -8-
2. Challenge
B. Issue
Not changeable when biometric credentials are stolen
User Auth.
Server
Register biometric credentials
Cracker
Cracker can disguise as user permanently.
11. -10-
3. Case-Study : Kookmin Bank
A. Overview
Overview of Kookmin Bank mobile banking service
< KBStar >
Managed PKI based User Authentication
Password based User Authentication
Accredited Certificate based User Authentication
12. -11-
3. Case-Study : Kookmin Bank
A. Overview
Seeking No-Password based Authentication
No-Password?
(incl. NPKI)
Not stored
Biometric
credentials
13. -12-
3. Case-Study : Kookmin Bank
B. CrossCertFIDO® in Kookmin Bank
Implement CrossCertFIDO® in Kookmin Mobile Bank
FIDO Server
RP Server SDK
KBStar APP
(incl. RP Client SDK)
Smartphone
WAS
(RP Server)
FIDO Server
CA
Crosscert FIDO Client
Crosscert FIDO ASM /
Authenticator
FingerprintUser Kookmin Bank CrossCert’s Datacenter
HTTPS
Accredited
Certificate Proc
Server
Management
System
Dedicated
line Logging
Statistics
Management
Authenticator
Management
Policy
…
14. -13-
3. Case-Study : Kookmin Bank
B. CrossCertFIDO® in Kookmin Bank
CrossCert Global Datacenter
❖ Core Infrastructure for Our Security Services
❖ Has Been Passing Symantec’s Web Trust Audit since 2012
❖ Retained Information Security Management System Certificate Through Annual Review by Korea Internet & Security Agency Since 2013
15. -14-
3. Case-Study : Kookmin Bank
B. CrossCertFIDO® in Kookmin Bank
Screenshot (FIDO Authentication)
16. -15-
3. Case-Study : Kookmin Bank
B. CrossCertFIDO® in Kookmin Bank
CrossCertFIDO® K-FIDO in Kookmin Mobile Bank
CrosscertFIDO®
Authenticator
CrosscertFIDO
Server
CA
KBStar Authentication
Server
① Local (Bio) Authentication & generate signature (PKCS#1)
② Send signature (PKCS#1)
③ Verify signature
④ Request to verify Accredited Certificate (CRL or OCSP)
⑤ Response status result
⑥ Generate and send SignedData (PKCS#7)
⑦ Send SignedData (PKCS#7)
⑧ Verify SignedData
Provide user authentication, data integrity and non-repudiation based on K-FIDO technology
17. -16-
3. Case-Study : Kookmin Bank
B. CrossCertFIDO® in Kookmin Bank
Screenshot (Money Transfer by K-FIDO Transaction Confirmation)
19. -18-
4. Result
A. Statistics
FIDO-based authentication across various KBStar mobile banking apps
16 Million FIDO Transactions Per Month
Over 260 Million Total FIDO Transactions (as of Oct 2018)
KBStar Liiv KBStar Mini KBStar Alarm KB LiivOn KB MyMoney
20. -19-
4. Result
B. Roadmap
Set the stage for similar adaptation in other industries
E-Commerce
Banking
Insurance
Education
Government
Goodbye Password ! Hello FIDO & FIDO2 !