SlideShare a Scribd company logo
Tales from a Passkey Provider
Progress from Awareness to Implementation
May 2024
PRIVATE &
CONFIDENTIAL
Nick Steele
Staff Product Manager
1Password
Today’s
speakers
Shane Weeden
Senior Technical Staff Member
IBM
Megan Shamas
(moderator)
Senior Director of Marketing
FIDO Alliance
PRIVATE &
CONFIDENTIAL
Agenda
• Where we’ve been
• Where we’re at
• What you can do
• Panel Q&A
PRIVATE &
CONFIDENTIAL
Where have we been?
PRIVATE &
CONFIDENTIAL
We are still Pioneers
PRIVATE &
CONFIDENTIAL
And sometimes it feels like this
PRIVATE &
CONFIDENTIAL
U2F/CTAP
UAF
CTAP2 WebAuthn
Passkeys ✨
Verifiable
Credentials
👋
2014
PRIVATE &
CONFIDENTIAL
Passkeys
in the news
September 2022: iOS16 officially brings
passkeys to Apple devices.
October 2023: Google makes passkeys the default sign-
in option for all users, significantly boosting adoption.
April 2024: X (formerly Twitter) rolls out global
support for passkeys on IOS.
October 2023: Amazon begins supporting passkeys
for all users.
PRIVATE &
CONFIDENTIAL
2023: The year of the 3rd Party Passkey Provider
• Weak and stolen credentials remain the number one cause of breaches.
• Passkey Providers are the new Password Manager!
• Trial users who interact with our passkey features are ~20% more likely to convert
to paying customers than those who do not.
• With new solutions, come new problems! Platforms & Hardware Tokens have
different needs.
• Relying Party as a Service continues to flourish.
• We
PRIVATE &
CONFIDENTIAL
PRIVATE &
CONFIDENTIAL
Where are we at?
PRIVATE &
CONFIDENTIAL
2024: Regulations, Enterprise, and Beyond(Corp)
• 400 Million Google Accounts, over 1 Billion authentications.
• Passkeys are officially AAL2 compliant!
• But MFA, especially for regulation, is still lagging.
• Passkeys are a replacement for passwords (and sometimes need MFA)
• Both B2B and B2C are still struggling with UX and UI regarding passkeys, especially in
regulated industries.
• Starting to be co-opted into Zero Trust architectures and decision-making.
PRIVATE &
CONFIDENTIAL
Looking Ahead: FIDO UCEP and UCEF
• FIDO Universal Credential Exchange Protocol & Format
• Aims to help address current issues around lock-in, insecure import/export, and other
issues related to moving different types of credentials.
• Not limited by passkeys, but motivated by passkeys.
• Currently working on proof of concepts and testing with 5 companies,
• Expect V1 to be published in the next few weeks!
PRIVATE &
CONFIDENTIAL
What you can do?
PRIVATE &
CONFIDENTIAL
Where do you Start?
• Check out some RPaaS! (Insert shameless plug for Passage here)
• If you’re thinking about building your own solution, here are a few things we’ve learned:
• Basic implementations are not hard. The challenge is accounting for fallbacks,
account recovery, and device edge cases.
• WebAuthn is an evolving standard, so keep an eye out for changes that can improve
user experience. Additions like PublicKeyCredentialDescriptor could make
identifying providers much easier.
• Poor implementations can cause conversions to drop.
• Educating users is a huge part of the shift, and one of the biggest hurdles.
PRIVATE &
CONFIDENTIAL
What about your organization?
• If you’re going the in-house route. Get started now or catch up later
• As new features get released, don’t aim for a moving target.
• Savings can be more motivating than Security
• Reduce SMS OTP Fees.
• Passkeys provide 50% faster logins, 64% increase in login success.
• Shopify merchants that enabled passkeys for shoppers saw an 8% increase in
conversion.
PRIVATE &
CONFIDENTIAL
Tales from the Trail
Thank you!

More Related Content

Similar to Tales from a Passkey Provider Progress from Awareness to Implementation.pptx

Sydney mule soft meetup 30 april 2020
Sydney mule soft meetup   30 april 2020Sydney mule soft meetup   30 april 2020
Sydney mule soft meetup 30 april 2020
Royston Lobo
 
Securing The Reality of Multiple Cloud Apps: Pandora's Story
Securing The Reality of Multiple Cloud Apps: Pandora's StorySecuring The Reality of Multiple Cloud Apps: Pandora's Story
Securing The Reality of Multiple Cloud Apps: Pandora's Story
CloudLock
 
Kurogo Higher Ed Mobile Conference 2017: How Mobility is Driving Changes in C...
Kurogo Higher Ed Mobile Conference 2017: How Mobility is Driving Changes in C...Kurogo Higher Ed Mobile Conference 2017: How Mobility is Driving Changes in C...
Kurogo Higher Ed Mobile Conference 2017: How Mobility is Driving Changes in C...
modolabs
 
How to Build an Effective API Security Strategy
How to Build an Effective API Security StrategyHow to Build an Effective API Security Strategy
How to Build an Effective API Security Strategy
Nordic APIs
 
(SEC402) Enterprise Cloud Security via DevSecOps 2.0
(SEC402) Enterprise Cloud Security via DevSecOps 2.0(SEC402) Enterprise Cloud Security via DevSecOps 2.0
(SEC402) Enterprise Cloud Security via DevSecOps 2.0
Amazon Web Services
 
The Future of Authentication - Verifiable Credentials / Self-Sovereign Identity
The Future of Authentication - Verifiable Credentials / Self-Sovereign IdentityThe Future of Authentication - Verifiable Credentials / Self-Sovereign Identity
The Future of Authentication - Verifiable Credentials / Self-Sovereign Identity
Evernym
 
Bridging the Cloud Sign-On Gap
Bridging the Cloud Sign-On GapBridging the Cloud Sign-On Gap
Bridging the Cloud Sign-On Gap
OracleIDM
 
Lyra Infosystems Services and Consulting Portfolio 2020
Lyra Infosystems Services and Consulting Portfolio 2020Lyra Infosystems Services and Consulting Portfolio 2020
Lyra Infosystems Services and Consulting Portfolio 2020
Lyra Infosystems Pvt. Ltd
 
Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...
Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...
Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...
TrustArc
 
apidays Paris 2022 - DevEx, the new challenge of software companies, Mathieu ...
apidays Paris 2022 - DevEx, the new challenge of software companies, Mathieu ...apidays Paris 2022 - DevEx, the new challenge of software companies, Mathieu ...
apidays Paris 2022 - DevEx, the new challenge of software companies, Mathieu ...
apidays
 
SeattleFall1
SeattleFall1SeattleFall1
SeattleFall1
Victor Angelbeat
 
FIDO Alliance: Year in Review Webinar slides from January 20 2016
FIDO Alliance: Year in Review Webinar slides from January 20 2016FIDO Alliance: Year in Review Webinar slides from January 20 2016
FIDO Alliance: Year in Review Webinar slides from January 20 2016
FIDO Alliance
 
Securing DevOps Lifecycle
Securing DevOps LifecycleSecuring DevOps Lifecycle
Securing DevOps Lifecycle
DevOps Indonesia
 
Security Keys Presentation.pptx
Security Keys Presentation.pptxSecurity Keys Presentation.pptx
Security Keys Presentation.pptx
Alok Sharma
 
Developing a Rugged Dev Ops Approach to Cloud Security (Updated)
Developing a Rugged Dev Ops Approach to Cloud Security (Updated)Developing a Rugged Dev Ops Approach to Cloud Security (Updated)
Developing a Rugged Dev Ops Approach to Cloud Security (Updated)
Sebastian Taphanel CISSP-ISSEP
 
DevOps and Regulatory Compliance—Like Oil and Water or Peanut Butter and Jelly?
DevOps and Regulatory Compliance—Like Oil and Water or Peanut Butter and Jelly?DevOps and Regulatory Compliance—Like Oil and Water or Peanut Butter and Jelly?
DevOps and Regulatory Compliance—Like Oil and Water or Peanut Butter and Jelly?
TechWell
 
7 things to consider when choosing your IaaS provider for ISV/SaaS
7 things to consider when choosing your IaaS provider for ISV/SaaS7 things to consider when choosing your IaaS provider for ISV/SaaS
7 things to consider when choosing your IaaS provider for ISV/SaaS
Frederik Denkens
 
Implementing Legal within Tech. What are the Cyber Security issues?
Implementing Legal within Tech. What are the Cyber Security issues?Implementing Legal within Tech. What are the Cyber Security issues?
Implementing Legal within Tech. What are the Cyber Security issues?
Cyber Security Partners
 
Solving problems with authentication
Solving problems with authenticationSolving problems with authentication
Solving problems with authentication
MecklerMedia
 
Identity Governance Solutions and Case Studies by Nitai Partners
Identity Governance Solutions and Case Studies by Nitai PartnersIdentity Governance Solutions and Case Studies by Nitai Partners
Identity Governance Solutions and Case Studies by Nitai Partners
Nitai Partners Inc
 

Similar to Tales from a Passkey Provider Progress from Awareness to Implementation.pptx (20)

Sydney mule soft meetup 30 april 2020
Sydney mule soft meetup   30 april 2020Sydney mule soft meetup   30 april 2020
Sydney mule soft meetup 30 april 2020
 
Securing The Reality of Multiple Cloud Apps: Pandora's Story
Securing The Reality of Multiple Cloud Apps: Pandora's StorySecuring The Reality of Multiple Cloud Apps: Pandora's Story
Securing The Reality of Multiple Cloud Apps: Pandora's Story
 
Kurogo Higher Ed Mobile Conference 2017: How Mobility is Driving Changes in C...
Kurogo Higher Ed Mobile Conference 2017: How Mobility is Driving Changes in C...Kurogo Higher Ed Mobile Conference 2017: How Mobility is Driving Changes in C...
Kurogo Higher Ed Mobile Conference 2017: How Mobility is Driving Changes in C...
 
How to Build an Effective API Security Strategy
How to Build an Effective API Security StrategyHow to Build an Effective API Security Strategy
How to Build an Effective API Security Strategy
 
(SEC402) Enterprise Cloud Security via DevSecOps 2.0
(SEC402) Enterprise Cloud Security via DevSecOps 2.0(SEC402) Enterprise Cloud Security via DevSecOps 2.0
(SEC402) Enterprise Cloud Security via DevSecOps 2.0
 
The Future of Authentication - Verifiable Credentials / Self-Sovereign Identity
The Future of Authentication - Verifiable Credentials / Self-Sovereign IdentityThe Future of Authentication - Verifiable Credentials / Self-Sovereign Identity
The Future of Authentication - Verifiable Credentials / Self-Sovereign Identity
 
Bridging the Cloud Sign-On Gap
Bridging the Cloud Sign-On GapBridging the Cloud Sign-On Gap
Bridging the Cloud Sign-On Gap
 
Lyra Infosystems Services and Consulting Portfolio 2020
Lyra Infosystems Services and Consulting Portfolio 2020Lyra Infosystems Services and Consulting Portfolio 2020
Lyra Infosystems Services and Consulting Portfolio 2020
 
Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...
Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...
Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...
 
apidays Paris 2022 - DevEx, the new challenge of software companies, Mathieu ...
apidays Paris 2022 - DevEx, the new challenge of software companies, Mathieu ...apidays Paris 2022 - DevEx, the new challenge of software companies, Mathieu ...
apidays Paris 2022 - DevEx, the new challenge of software companies, Mathieu ...
 
SeattleFall1
SeattleFall1SeattleFall1
SeattleFall1
 
FIDO Alliance: Year in Review Webinar slides from January 20 2016
FIDO Alliance: Year in Review Webinar slides from January 20 2016FIDO Alliance: Year in Review Webinar slides from January 20 2016
FIDO Alliance: Year in Review Webinar slides from January 20 2016
 
Securing DevOps Lifecycle
Securing DevOps LifecycleSecuring DevOps Lifecycle
Securing DevOps Lifecycle
 
Security Keys Presentation.pptx
Security Keys Presentation.pptxSecurity Keys Presentation.pptx
Security Keys Presentation.pptx
 
Developing a Rugged Dev Ops Approach to Cloud Security (Updated)
Developing a Rugged Dev Ops Approach to Cloud Security (Updated)Developing a Rugged Dev Ops Approach to Cloud Security (Updated)
Developing a Rugged Dev Ops Approach to Cloud Security (Updated)
 
DevOps and Regulatory Compliance—Like Oil and Water or Peanut Butter and Jelly?
DevOps and Regulatory Compliance—Like Oil and Water or Peanut Butter and Jelly?DevOps and Regulatory Compliance—Like Oil and Water or Peanut Butter and Jelly?
DevOps and Regulatory Compliance—Like Oil and Water or Peanut Butter and Jelly?
 
7 things to consider when choosing your IaaS provider for ISV/SaaS
7 things to consider when choosing your IaaS provider for ISV/SaaS7 things to consider when choosing your IaaS provider for ISV/SaaS
7 things to consider when choosing your IaaS provider for ISV/SaaS
 
Implementing Legal within Tech. What are the Cyber Security issues?
Implementing Legal within Tech. What are the Cyber Security issues?Implementing Legal within Tech. What are the Cyber Security issues?
Implementing Legal within Tech. What are the Cyber Security issues?
 
Solving problems with authentication
Solving problems with authenticationSolving problems with authentication
Solving problems with authentication
 
Identity Governance Solutions and Case Studies by Nitai Partners
Identity Governance Solutions and Case Studies by Nitai PartnersIdentity Governance Solutions and Case Studies by Nitai Partners
Identity Governance Solutions and Case Studies by Nitai Partners
 

More from FIDO Alliance

FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance
 
FIDO Alliance Osaka Seminar: LY-DOCOMO-KDDI-Mercari Panel.pdf
FIDO Alliance Osaka Seminar: LY-DOCOMO-KDDI-Mercari Panel.pdfFIDO Alliance Osaka Seminar: LY-DOCOMO-KDDI-Mercari Panel.pdf
FIDO Alliance Osaka Seminar: LY-DOCOMO-KDDI-Mercari Panel.pdf
FIDO Alliance
 
FIDO Alliance Osaka Seminar: NEC & Yubico Panel.pdf
FIDO Alliance Osaka Seminar: NEC & Yubico Panel.pdfFIDO Alliance Osaka Seminar: NEC & Yubico Panel.pdf
FIDO Alliance Osaka Seminar: NEC & Yubico Panel.pdf
FIDO Alliance
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance
 
FIDO Alliance Osaka Seminar: CloudGate.pdf
FIDO Alliance Osaka Seminar: CloudGate.pdfFIDO Alliance Osaka Seminar: CloudGate.pdf
FIDO Alliance Osaka Seminar: CloudGate.pdf
FIDO Alliance
 
FIDO Alliance Osaka Seminar: PlayStation Passkey Deployment Case Study.pdf
FIDO Alliance Osaka Seminar: PlayStation Passkey Deployment Case Study.pdfFIDO Alliance Osaka Seminar: PlayStation Passkey Deployment Case Study.pdf
FIDO Alliance Osaka Seminar: PlayStation Passkey Deployment Case Study.pdf
FIDO Alliance
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance
 
FIDO Alliance Osaka Seminar: Welcome Slides.pdf
FIDO Alliance Osaka Seminar: Welcome Slides.pdfFIDO Alliance Osaka Seminar: Welcome Slides.pdf
FIDO Alliance Osaka Seminar: Welcome Slides.pdf
FIDO Alliance
 
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
FIDO Alliance
 
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...
FIDO Alliance
 
How Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdf
How Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdfHow Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdf
How Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdf
FIDO Alliance
 
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
FIDO Alliance
 
Where to Learn More About FDO _ Richard at FIDO Alliance.pdf
Where to Learn More About FDO _ Richard at FIDO Alliance.pdfWhere to Learn More About FDO _ Richard at FIDO Alliance.pdf
Where to Learn More About FDO _ Richard at FIDO Alliance.pdf
FIDO Alliance
 
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
FIDO Alliance
 
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdfSimplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf
FIDO Alliance
 
Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf
Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdfLinux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf
Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf
FIDO Alliance
 
The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf
The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdfThe Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf
The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf
FIDO Alliance
 
Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf
Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdfIntroduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf
Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf
FIDO Alliance
 

More from FIDO Alliance (20)

FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
 
FIDO Alliance Osaka Seminar: LY-DOCOMO-KDDI-Mercari Panel.pdf
FIDO Alliance Osaka Seminar: LY-DOCOMO-KDDI-Mercari Panel.pdfFIDO Alliance Osaka Seminar: LY-DOCOMO-KDDI-Mercari Panel.pdf
FIDO Alliance Osaka Seminar: LY-DOCOMO-KDDI-Mercari Panel.pdf
 
FIDO Alliance Osaka Seminar: NEC & Yubico Panel.pdf
FIDO Alliance Osaka Seminar: NEC & Yubico Panel.pdfFIDO Alliance Osaka Seminar: NEC & Yubico Panel.pdf
FIDO Alliance Osaka Seminar: NEC & Yubico Panel.pdf
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
 
FIDO Alliance Osaka Seminar: CloudGate.pdf
FIDO Alliance Osaka Seminar: CloudGate.pdfFIDO Alliance Osaka Seminar: CloudGate.pdf
FIDO Alliance Osaka Seminar: CloudGate.pdf
 
FIDO Alliance Osaka Seminar: PlayStation Passkey Deployment Case Study.pdf
FIDO Alliance Osaka Seminar: PlayStation Passkey Deployment Case Study.pdfFIDO Alliance Osaka Seminar: PlayStation Passkey Deployment Case Study.pdf
FIDO Alliance Osaka Seminar: PlayStation Passkey Deployment Case Study.pdf
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
 
FIDO Alliance Osaka Seminar: Welcome Slides.pdf
FIDO Alliance Osaka Seminar: Welcome Slides.pdfFIDO Alliance Osaka Seminar: Welcome Slides.pdf
FIDO Alliance Osaka Seminar: Welcome Slides.pdf
 
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
 
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...
 
How Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdf
How Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdfHow Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdf
How Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdf
 
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
 
Where to Learn More About FDO _ Richard at FIDO Alliance.pdf
Where to Learn More About FDO _ Richard at FIDO Alliance.pdfWhere to Learn More About FDO _ Richard at FIDO Alliance.pdf
Where to Learn More About FDO _ Richard at FIDO Alliance.pdf
 
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
 
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdfSimplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf
 
Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf
Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdfLinux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf
Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf
 
The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf
The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdfThe Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf
The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf
 
Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf
Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdfIntroduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf
Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf
 

Recently uploaded

20240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 202420240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 2024
Matthew Sinclair
 
Generating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and MilvusGenerating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and Milvus
Zilliz
 
Microsoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdfMicrosoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdf
Uni Systems S.M.S.A.
 
Mariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceXMariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceX
Mariano Tinti
 
UI5 Controls simplified - UI5con2024 presentation
UI5 Controls simplified - UI5con2024 presentationUI5 Controls simplified - UI5con2024 presentation
UI5 Controls simplified - UI5con2024 presentation
Wouter Lemaire
 
OpenID AuthZEN Interop Read Out - Authorization
OpenID AuthZEN Interop Read Out - AuthorizationOpenID AuthZEN Interop Read Out - Authorization
OpenID AuthZEN Interop Read Out - Authorization
David Brossard
 
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
Edge AI and Vision Alliance
 
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Speck&Tech
 
Infrastructure Challenges in Scaling RAG with Custom AI models
Infrastructure Challenges in Scaling RAG with Custom AI modelsInfrastructure Challenges in Scaling RAG with Custom AI models
Infrastructure Challenges in Scaling RAG with Custom AI models
Zilliz
 
Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
Safe Software
 
GraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracyGraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracy
Tomaz Bratanic
 
Presentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of GermanyPresentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of Germany
innovationoecd
 
Removing Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software FuzzingRemoving Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software Fuzzing
Aftab Hussain
 
GenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizationsGenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizations
kumardaparthi1024
 
How to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptxHow to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptx
danishmna97
 
HCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAUHCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAU
panagenda
 
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdfMonitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Tosin Akinosho
 
Mind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AIMind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AI
Kumud Singh
 
“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”
Claudio Di Ciccio
 
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUHCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
panagenda
 

Recently uploaded (20)

20240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 202420240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 2024
 
Generating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and MilvusGenerating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and Milvus
 
Microsoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdfMicrosoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdf
 
Mariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceXMariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceX
 
UI5 Controls simplified - UI5con2024 presentation
UI5 Controls simplified - UI5con2024 presentationUI5 Controls simplified - UI5con2024 presentation
UI5 Controls simplified - UI5con2024 presentation
 
OpenID AuthZEN Interop Read Out - Authorization
OpenID AuthZEN Interop Read Out - AuthorizationOpenID AuthZEN Interop Read Out - Authorization
OpenID AuthZEN Interop Read Out - Authorization
 
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
 
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
 
Infrastructure Challenges in Scaling RAG with Custom AI models
Infrastructure Challenges in Scaling RAG with Custom AI modelsInfrastructure Challenges in Scaling RAG with Custom AI models
Infrastructure Challenges in Scaling RAG with Custom AI models
 
Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
 
GraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracyGraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracy
 
Presentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of GermanyPresentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of Germany
 
Removing Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software FuzzingRemoving Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software Fuzzing
 
GenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizationsGenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizations
 
How to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptxHow to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptx
 
HCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAUHCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAU
 
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdfMonitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdf
 
Mind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AIMind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AI
 
“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”
 
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUHCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
 

Tales from a Passkey Provider Progress from Awareness to Implementation.pptx

  • 1. Tales from a Passkey Provider Progress from Awareness to Implementation May 2024
  • 2. PRIVATE & CONFIDENTIAL Nick Steele Staff Product Manager 1Password Today’s speakers Shane Weeden Senior Technical Staff Member IBM Megan Shamas (moderator) Senior Director of Marketing FIDO Alliance
  • 3. PRIVATE & CONFIDENTIAL Agenda • Where we’ve been • Where we’re at • What you can do • Panel Q&A
  • 7. PRIVATE & CONFIDENTIAL U2F/CTAP UAF CTAP2 WebAuthn Passkeys ✨ Verifiable Credentials 👋 2014
  • 8. PRIVATE & CONFIDENTIAL Passkeys in the news September 2022: iOS16 officially brings passkeys to Apple devices. October 2023: Google makes passkeys the default sign- in option for all users, significantly boosting adoption. April 2024: X (formerly Twitter) rolls out global support for passkeys on IOS. October 2023: Amazon begins supporting passkeys for all users.
  • 9. PRIVATE & CONFIDENTIAL 2023: The year of the 3rd Party Passkey Provider • Weak and stolen credentials remain the number one cause of breaches. • Passkey Providers are the new Password Manager! • Trial users who interact with our passkey features are ~20% more likely to convert to paying customers than those who do not. • With new solutions, come new problems! Platforms & Hardware Tokens have different needs. • Relying Party as a Service continues to flourish. • We
  • 12. PRIVATE & CONFIDENTIAL 2024: Regulations, Enterprise, and Beyond(Corp) • 400 Million Google Accounts, over 1 Billion authentications. • Passkeys are officially AAL2 compliant! • But MFA, especially for regulation, is still lagging. • Passkeys are a replacement for passwords (and sometimes need MFA) • Both B2B and B2C are still struggling with UX and UI regarding passkeys, especially in regulated industries. • Starting to be co-opted into Zero Trust architectures and decision-making.
  • 13. PRIVATE & CONFIDENTIAL Looking Ahead: FIDO UCEP and UCEF • FIDO Universal Credential Exchange Protocol & Format • Aims to help address current issues around lock-in, insecure import/export, and other issues related to moving different types of credentials. • Not limited by passkeys, but motivated by passkeys. • Currently working on proof of concepts and testing with 5 companies, • Expect V1 to be published in the next few weeks!
  • 15. PRIVATE & CONFIDENTIAL Where do you Start? • Check out some RPaaS! (Insert shameless plug for Passage here) • If you’re thinking about building your own solution, here are a few things we’ve learned: • Basic implementations are not hard. The challenge is accounting for fallbacks, account recovery, and device edge cases. • WebAuthn is an evolving standard, so keep an eye out for changes that can improve user experience. Additions like PublicKeyCredentialDescriptor could make identifying providers much easier. • Poor implementations can cause conversions to drop. • Educating users is a huge part of the shift, and one of the biggest hurdles.
  • 16. PRIVATE & CONFIDENTIAL What about your organization? • If you’re going the in-house route. Get started now or catch up later • As new features get released, don’t aim for a moving target. • Savings can be more motivating than Security • Reduce SMS OTP Fees. • Passkeys provide 50% faster logins, 64% increase in login success. • Shopify merchants that enabled passkeys for shoppers saw an 8% increase in conversion.