SlideShare a Scribd company logo
1 of 10
Download to read offline
Classification: Public
Merck operates as EMD Group in the U.S. and in Canada.
Andreas Pellengahr
Merck KGaA, Darmstadt, Germany
Paris, April 10th, 2024
Own your passkeys, authentication, onboarding & recovery
Moving Beyond
Passwords
Moving Beyond Passwords | for FIDO Paris Seminar | by Merck KGaA | 2024-04-10
1
Classification: Public
Own your Identities
Credentials
Authentication
Onboarding & Recovery
Classification: Public
Credentials
Store your passkeys in your own FIDO server
Moving Beyond Passwords | for FIDO Paris Seminar | by Merck KGaA | 2024-04-10
3
Self-Controlled
Password
AD
SMS, Call,
Authenticator App
Azure AD
Self-Controlled
Password
AD
+
Self-Controlled
Passkey
StrongKey
Foreign
Passkey
Apple, Google,
Microsoft, etc.
Only Password Password & MFA Passkey
Decision
Classification: Public
Authentication
Sign in with Passkeys
Moving Beyond Passwords | for FIDO Paris Seminar | by Merck KGaA | 2024-04-10
4
2
3
1
Classification: Public
Authentication
Sign in with Passkeys – in unsupported Apps
Moving Beyond Passwords | for FIDO Paris Seminar | by Merck KGaA | 2024-04-10
5
App Browser
+
Classification: Public
Authentication
Sign in exclusively with Passkeys - Advanced Protection
Moving Beyond Passwords | for FIDO Paris Seminar | by Merck KGaA | 2024-04-10
6
Only Passkeys.
Password + MFA is not available.
For all human accounts.
Standard & Privileged.
For all apps.
Account-based rule.
Classification: Public
Onboarding and Recovery
Enforce secure verification mechanisms
Moving Beyond Passwords | for FIDO Paris Seminar | by Merck KGaA | 2024-04-10
7
Always verify
No manual workarounds. Not even by admins.
Only trust verified physical assets
SimCard-Check, Passkey-of-colleague, etc.
Don’t trust a single verification
SimCard-Check + Password, etc.
Classification: Public
Own your Identities
Credentials
Authentication
Onboarding & Recovery
Classification: Public
CHALLENGES
© FIDO Alliance 2024 Confidential
10
Moving Beyond
Passwords
Andreas Pellengahr, Merck KGaA, Darmstadt, Germany
FIDO Paris Seminar
2024-04-10

More Related Content

Similar to Moving Beyond Passwords: FIDO Paris Seminar.pdf

Smart Cards & Devices Forum 2013 - Protecting enterprise sensitive informatio...
Smart Cards & Devices Forum 2013 - Protecting enterprise sensitive informatio...Smart Cards & Devices Forum 2013 - Protecting enterprise sensitive informatio...
Smart Cards & Devices Forum 2013 - Protecting enterprise sensitive informatio...
OKsystem
 
6DCP Food Safety Solution
6DCP Food Safety Solution6DCP Food Safety Solution
6DCP Food Safety Solution
Eddie Cohen
 
Securing The Cloud
Securing The CloudSecuring The Cloud
Securing The Cloud
george.james
 

Similar to Moving Beyond Passwords: FIDO Paris Seminar.pdf (20)

O365Con19 - A Life Without Passwords Dream or Reality - Sander Berkouwer
O365Con19 - A Life Without Passwords Dream or Reality - Sander BerkouwerO365Con19 - A Life Without Passwords Dream or Reality - Sander Berkouwer
O365Con19 - A Life Without Passwords Dream or Reality - Sander Berkouwer
 
Cloud Credential Council - Buliding Recognized Cloud Competence Standards
Cloud Credential Council - Buliding Recognized Cloud Competence StandardsCloud Credential Council - Buliding Recognized Cloud Competence Standards
Cloud Credential Council - Buliding Recognized Cloud Competence Standards
 
Microsoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 OverviewMicrosoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 Overview
 
SecurePass at OpenBrighton
SecurePass at OpenBrightonSecurePass at OpenBrighton
SecurePass at OpenBrighton
 
ForgeRock and Trusona - Simplifying the Multi-factor User Experience
ForgeRock and Trusona - Simplifying the Multi-factor User ExperienceForgeRock and Trusona - Simplifying the Multi-factor User Experience
ForgeRock and Trusona - Simplifying the Multi-factor User Experience
 
Smart Cards & Devices Forum 2013 - Protecting enterprise sensitive informatio...
Smart Cards & Devices Forum 2013 - Protecting enterprise sensitive informatio...Smart Cards & Devices Forum 2013 - Protecting enterprise sensitive informatio...
Smart Cards & Devices Forum 2013 - Protecting enterprise sensitive informatio...
 
WatchGuard: Protecting Endpoints with Threat Detection Response (TDR)
WatchGuard: Protecting Endpoints with Threat Detection Response (TDR)WatchGuard: Protecting Endpoints with Threat Detection Response (TDR)
WatchGuard: Protecting Endpoints with Threat Detection Response (TDR)
 
DigiCert EV Code Signing Certificate Feature and Benefits
DigiCert EV Code Signing Certificate Feature and BenefitsDigiCert EV Code Signing Certificate Feature and Benefits
DigiCert EV Code Signing Certificate Feature and Benefits
 
Softwerx Microsoft 365 Security Webinar Presentation
Softwerx Microsoft 365 Security Webinar PresentationSoftwerx Microsoft 365 Security Webinar Presentation
Softwerx Microsoft 365 Security Webinar Presentation
 
Secure your Business
Secure your BusinessSecure your Business
Secure your Business
 
Certified virtualization security expert (advanced v mware security) certifie...
Certified virtualization security expert (advanced v mware security) certifie...Certified virtualization security expert (advanced v mware security) certifie...
Certified virtualization security expert (advanced v mware security) certifie...
 
Enterprise secure identity in the cloud with Single Sign On and Strong Authen...
Enterprise secure identity in the cloud with Single Sign On and Strong Authen...Enterprise secure identity in the cloud with Single Sign On and Strong Authen...
Enterprise secure identity in the cloud with Single Sign On and Strong Authen...
 
Certifications on Security - IS AUDIT
Certifications on Security - IS AUDITCertifications on Security - IS AUDIT
Certifications on Security - IS AUDIT
 
6DCP Food Safety Solution
6DCP Food Safety Solution6DCP Food Safety Solution
6DCP Food Safety Solution
 
Hypervault Sensitive Data Manager
Hypervault Sensitive Data ManagerHypervault Sensitive Data Manager
Hypervault Sensitive Data Manager
 
Risk Management Vendor Briefing
Risk Management Vendor BriefingRisk Management Vendor Briefing
Risk Management Vendor Briefing
 
6 in-1 enterprise cloud certification training program
6 in-1 enterprise cloud certification training program6 in-1 enterprise cloud certification training program
6 in-1 enterprise cloud certification training program
 
An Identity Bridge to Somewhere
An Identity Bridge to SomewhereAn Identity Bridge to Somewhere
An Identity Bridge to Somewhere
 
TugaIT 2017 Office 365 Multi-factor authentication with Microsoft Azure Activ...
TugaIT 2017 Office 365 Multi-factor authentication with Microsoft Azure Activ...TugaIT 2017 Office 365 Multi-factor authentication with Microsoft Azure Activ...
TugaIT 2017 Office 365 Multi-factor authentication with Microsoft Azure Activ...
 
Securing The Cloud
Securing The CloudSecuring The Cloud
Securing The Cloud
 

More from LoriGlavin3

The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
LoriGlavin3
 

More from LoriGlavin3 (8)

A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
FIDO Securty Key UX Guidelines Webinar Sept 2022.pptx
FIDO Securty Key UX Guidelines Webinar Sept 2022.pptxFIDO Securty Key UX Guidelines Webinar Sept 2022.pptx
FIDO Securty Key UX Guidelines Webinar Sept 2022.pptx
 

Recently uploaded

Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
panagenda
 
Tales from a Passkey Provider Progress from Awareness to Implementation.pptx
Tales from a Passkey Provider  Progress from Awareness to Implementation.pptxTales from a Passkey Provider  Progress from Awareness to Implementation.pptx
Tales from a Passkey Provider Progress from Awareness to Implementation.pptx
FIDO Alliance
 
“Iamnobody89757” Understanding the Mysterious of Digital Identity.pdf
“Iamnobody89757” Understanding the Mysterious of Digital Identity.pdf“Iamnobody89757” Understanding the Mysterious of Digital Identity.pdf
“Iamnobody89757” Understanding the Mysterious of Digital Identity.pdf
Muhammad Subhan
 

Recently uploaded (20)

How we scaled to 80K users by doing nothing!.pdf
How we scaled to 80K users by doing nothing!.pdfHow we scaled to 80K users by doing nothing!.pdf
How we scaled to 80K users by doing nothing!.pdf
 
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
 
Event-Driven Architecture Masterclass: Integrating Distributed Data Stores Ac...
Event-Driven Architecture Masterclass: Integrating Distributed Data Stores Ac...Event-Driven Architecture Masterclass: Integrating Distributed Data Stores Ac...
Event-Driven Architecture Masterclass: Integrating Distributed Data Stores Ac...
 
Extensible Python: Robustness through Addition - PyCon 2024
Extensible Python: Robustness through Addition - PyCon 2024Extensible Python: Robustness through Addition - PyCon 2024
Extensible Python: Robustness through Addition - PyCon 2024
 
The Metaverse: Are We There Yet?
The  Metaverse:    Are   We  There  Yet?The  Metaverse:    Are   We  There  Yet?
The Metaverse: Are We There Yet?
 
Vector Search @ sw2con for slideshare.pptx
Vector Search @ sw2con for slideshare.pptxVector Search @ sw2con for slideshare.pptx
Vector Search @ sw2con for slideshare.pptx
 
ADP Passwordless Journey Case Study.pptx
ADP Passwordless Journey Case Study.pptxADP Passwordless Journey Case Study.pptx
ADP Passwordless Journey Case Study.pptx
 
Design Guidelines for Passkeys 2024.pptx
Design Guidelines for Passkeys 2024.pptxDesign Guidelines for Passkeys 2024.pptx
Design Guidelines for Passkeys 2024.pptx
 
State of the Smart Building Startup Landscape 2024!
State of the Smart Building Startup Landscape 2024!State of the Smart Building Startup Landscape 2024!
State of the Smart Building Startup Landscape 2024!
 
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdfSimplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf
 
WebRTC and SIP not just audio and video @ OpenSIPS 2024
WebRTC and SIP not just audio and video @ OpenSIPS 2024WebRTC and SIP not just audio and video @ OpenSIPS 2024
WebRTC and SIP not just audio and video @ OpenSIPS 2024
 
Top 10 CodeIgniter Development Companies
Top 10 CodeIgniter Development CompaniesTop 10 CodeIgniter Development Companies
Top 10 CodeIgniter Development Companies
 
Tales from a Passkey Provider Progress from Awareness to Implementation.pptx
Tales from a Passkey Provider  Progress from Awareness to Implementation.pptxTales from a Passkey Provider  Progress from Awareness to Implementation.pptx
Tales from a Passkey Provider Progress from Awareness to Implementation.pptx
 
Continuing Bonds Through AI: A Hermeneutic Reflection on Thanabots
Continuing Bonds Through AI: A Hermeneutic Reflection on ThanabotsContinuing Bonds Through AI: A Hermeneutic Reflection on Thanabots
Continuing Bonds Through AI: A Hermeneutic Reflection on Thanabots
 
UiPath manufacturing technology benefits and AI overview
UiPath manufacturing technology benefits and AI overviewUiPath manufacturing technology benefits and AI overview
UiPath manufacturing technology benefits and AI overview
 
“Iamnobody89757” Understanding the Mysterious of Digital Identity.pdf
“Iamnobody89757” Understanding the Mysterious of Digital Identity.pdf“Iamnobody89757” Understanding the Mysterious of Digital Identity.pdf
“Iamnobody89757” Understanding the Mysterious of Digital Identity.pdf
 
Observability Concepts EVERY Developer Should Know (DevOpsDays Seattle)
Observability Concepts EVERY Developer Should Know (DevOpsDays Seattle)Observability Concepts EVERY Developer Should Know (DevOpsDays Seattle)
Observability Concepts EVERY Developer Should Know (DevOpsDays Seattle)
 
Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf
Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdfLinux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf
Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf
 
The Zero-ETL Approach: Enhancing Data Agility and Insight
The Zero-ETL Approach: Enhancing Data Agility and InsightThe Zero-ETL Approach: Enhancing Data Agility and Insight
The Zero-ETL Approach: Enhancing Data Agility and Insight
 
ERP Contender Series: Acumatica vs. Sage Intacct
ERP Contender Series: Acumatica vs. Sage IntacctERP Contender Series: Acumatica vs. Sage Intacct
ERP Contender Series: Acumatica vs. Sage Intacct
 

Moving Beyond Passwords: FIDO Paris Seminar.pdf

  • 1. Classification: Public Merck operates as EMD Group in the U.S. and in Canada. Andreas Pellengahr Merck KGaA, Darmstadt, Germany Paris, April 10th, 2024 Own your passkeys, authentication, onboarding & recovery Moving Beyond Passwords Moving Beyond Passwords | for FIDO Paris Seminar | by Merck KGaA | 2024-04-10 1
  • 2. Classification: Public Own your Identities Credentials Authentication Onboarding & Recovery
  • 3. Classification: Public Credentials Store your passkeys in your own FIDO server Moving Beyond Passwords | for FIDO Paris Seminar | by Merck KGaA | 2024-04-10 3 Self-Controlled Password AD SMS, Call, Authenticator App Azure AD Self-Controlled Password AD + Self-Controlled Passkey StrongKey Foreign Passkey Apple, Google, Microsoft, etc. Only Password Password & MFA Passkey Decision
  • 4. Classification: Public Authentication Sign in with Passkeys Moving Beyond Passwords | for FIDO Paris Seminar | by Merck KGaA | 2024-04-10 4 2 3 1
  • 5. Classification: Public Authentication Sign in with Passkeys – in unsupported Apps Moving Beyond Passwords | for FIDO Paris Seminar | by Merck KGaA | 2024-04-10 5 App Browser +
  • 6. Classification: Public Authentication Sign in exclusively with Passkeys - Advanced Protection Moving Beyond Passwords | for FIDO Paris Seminar | by Merck KGaA | 2024-04-10 6 Only Passkeys. Password + MFA is not available. For all human accounts. Standard & Privileged. For all apps. Account-based rule.
  • 7. Classification: Public Onboarding and Recovery Enforce secure verification mechanisms Moving Beyond Passwords | for FIDO Paris Seminar | by Merck KGaA | 2024-04-10 7 Always verify No manual workarounds. Not even by admins. Only trust verified physical assets SimCard-Check, Passkey-of-colleague, etc. Don’t trust a single verification SimCard-Check + Password, etc.
  • 8. Classification: Public Own your Identities Credentials Authentication Onboarding & Recovery
  • 10. © FIDO Alliance 2024 Confidential 10 Moving Beyond Passwords Andreas Pellengahr, Merck KGaA, Darmstadt, Germany FIDO Paris Seminar 2024-04-10