SlideShare a Scribd company logo
1 of 16
Download to read offline
1 © FIDO Alliance 2023
Use of FIDO in the Payments and Identity Landscape
Henna Kapur
Director of Authentication Products, Visa
Co-Chair, FIDO Alliance European Workgroup
hwadhwan@visa.com
Sebastian Elfors
Senior Architect, IDnow
FIDO Alliance European Workgroup
sebastian.elfors@idnow.io
2 © FIDO Alliance 2023
FIDO European Working Group
Who are we and what are we up-to?
Our Mission
• Facilitate communication and cooperation within the European market
• Improve FIDO awareness
• Two key workstreams for the working group - Identity and Payment Authentication
3 © FIDO Alliance 2023
Identity and FIDO
4 © FIDO Alliance 2023
eIDAS2 legislation
–What is it and Why it matters?
 eIDAS = electronic Identification, Authentication and Trust Services
 eIDAS regulation in force since 2014
 eIDAS2 is an amendment, will be in force during 2024
 Major topics for eIDAS2:
 eIDAS2 regulation and the implementing acts
 EUDI Wallet: Specified in Architecture and Reference Framework (ARF)
 Large Scale Pilots (LSPs): Four consortia with different use cases
 Consortia: DC4EU, EWC, NOBID, POTENTIAL
 Use cases: mobile driving license, payments, healthcare, education, travel, etc
 FIDO considered for use with DC4EU, EWC and NOBID cloud-based wallets
5 © FIDO Alliance 2023
eIDAS2 timeline
2024 2025 2026
Feb 2024
EU parliament
vote
EUDI Wallet reference application evaluation
Implementing acts
Ongoing ARF updates based on LSP progress and feedback
Apr 2024
eIDAS2 in force
LSP development | LSP testing & piloting
National EUDI Wallet implementations and roll out
Apr 2025
Implementing
acts final
CEN/ETSI standardization
6 © FIDO Alliance 2023
Roles in the EUDI Wallet eco-system (by the ARF)
7 © FIDO Alliance 2023
7
FIDO use cases for eIDAS2
8 © FIDO Alliance 2023
Other notable publications for reference
 FIDO eIDAS white paper 2020: https://fidoalliance.org/white-paper-using-fido-with-eidas-services/
 FIDO eIDAS white paper summary 2020: https://fidoalliance.org/white-paper-introduction-of-fido-eidas-services/
 FIDO eIDAS blog post 2021: https://fidoalliance.org/fido-recognition-for-european-digital-identity-systems-and-
eidas-grows/
 FIDO EUDI Wallet white paper 2023: https://fidoalliance.org/white-paper-using-fido-for-the-eudi-wallet/
 FIDO eIDAS2 blog post 2023: https://fidoalliance.org/the-eu-organizations-enisa-and-etsi-refer-to-fido-as-
authentication-standard-for-eidas2/
9 © FIDO Alliance 2023
Payment Authentication and FIDO
10 © FIDO Alliance 2023
In Europe, roughly 30% of all e-commerce goes through step-
up where cardholder 2FA is required
 FIDO authentication using Passkeys can simplify this journey with a more seamless, phishing resistant
authentication experience.
 Passkeys along with additional device identification/binding mechanism can create a compliant
authentication journey in Europe.
11 © FIDO Alliance 2023
Cardholder – UX Journey
ID&Vfollowed by FIDOEnrollment
Confirmed cardholder
identity with bank
Establish chain of trust
12 © FIDO Alliance 2023
Cardholder – UX Journey
Subsequentauthenticationusing FIDO
Reduced friction for
returning cardholder
Phishing resistant
authentication
Consistent experience on
browser and apps
13 © FIDO Alliance 2023
Collaboration with EMVCo
 Continuous collaboration since 2016
 Two working groups that discuss FIDO related initiatives
 Work item at the EMV3DS Working Group
 Goal is to define how EMV3DS messages can be used to pass FIDO authentication data across the
EMV payments ecosystem i.e. between Merchants, PSP’s, banks in a 3DS transaction.
 Most recent white paper:
 https://fidoalliance.org/emvco-and-fido-alliance-provide-essential-guidance-on-use-of-fido-
with-emv-3ds/
 This paper calls out,
 a data structure that allows for a chain of trust to be established between cardholder
authentication, FIDO enrolments and FIDO authentication, hence giving issuers increased
control and insight into the authentication process
 Secure Remote Commerce working group
 Goal is to support FIDO as an authentication method as part of remote commerce transactions
 Specifications 1.3 have introduced FIDO2 as a card issuer verification method and as an
authentication method
 More use cases with FIDO under review
14 © FIDO Alliance 2023
Collaboration with W3C and EMVCo
Secure Payment Confirmation
What is SPC and What are its benefits?
 Secure Payment Confirmation (SPC) is an extension to the WebAuthn
standard.
 It enhances the consumer experience when authenticating to a transaction
with a FIDO passkey through a standardized payment context screen.
 Cross origin authentication – it allows for credentials created in one domain
to be used in another domain based on input parameters (subject to
permission by the original Relying party).
Dependencies
 Requires EMV3DS 2.3 support to work with banks, when SPC is used in
the context of EMV 3DS
 Currently only supported on Chrome
Note: Upcoming publication by FIDO EU Working Group to further deep dive into SPC!
15 © FIDO Alliance 2023
What about PSD3?
Commission proposals
on PSD3/PSR
June 2023
Agreement on
Final text
Q1/Q2 2025
EBA to update RTS
on SCA
12 months after
publication*
Publication of final
updated RTS on
SCA
2026/2027**
Political negotiations among EU institutions
(Commission, Parliament and Council)
2023 2024 2025 2026 2027 2028
Entry into force of
updated RTS on
SCA
2027/2028
Publication in
the Official
Journal
1-2 months
after political
agreement
* EBA supposed to update RTS on SCA 12 months after publication but given all the Level 2 (RTS and Guidance) they need to do this process could be delayed.
** Delay in publication of Draft RTS on SCA would delay the whole approval process. (RTS on SCA will include detail provisions on outsourcing requirements for SCA)
*** The EBA continues to work on its Q&A tool – At any point in time there can be new Q&As that clarify provisions of SCA.
Parliament vote on its
position April 2024
Recap on the current timeline
Engagement by FIDO EU Working group
As a working group, We intend to provide feedback when the RTS on SCA is drafted and open for consultation.
16 © FIDO Alliance 2023
16 © FIDO Alliance 2023
Thank you for your interest!
Questions?

More Related Content

Similar to Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx

FIDO, Strong Authentication and elD in Germany
FIDO, Strong Authentication and elD in GermanyFIDO, Strong Authentication and elD in Germany
FIDO, Strong Authentication and elD in GermanyFIDO Alliance
 
Enisa report e idas compliant eid solution
Enisa report   e idas compliant eid solutionEnisa report   e idas compliant eid solution
Enisa report e idas compliant eid solutionAli Soleymani
 
FIDO Authentication in Hong Kong
FIDO Authentication in Hong KongFIDO Authentication in Hong Kong
FIDO Authentication in Hong KongFIDO Alliance
 
FIDO & PSD2: Solving the Strong Customer Authentication Challenge in Europe
FIDO & PSD2: Solving the Strong Customer Authentication Challenge in EuropeFIDO & PSD2: Solving the Strong Customer Authentication Challenge in Europe
FIDO & PSD2: Solving the Strong Customer Authentication Challenge in EuropeFIDO Alliance
 
IPID consultation FG2A-france_response vfin
IPID consultation FG2A-france_response vfinIPID consultation FG2A-france_response vfin
IPID consultation FG2A-france_response vfinLouise Blondel
 
Mobile Connect and the FIDO standards
Mobile Connect and the FIDO standardsMobile Connect and the FIDO standards
Mobile Connect and the FIDO standardsFIDO Alliance
 
Digital Identity Standards by ENISA, European Union
Digital Identity Standards by ENISA, European UnionDigital Identity Standards by ENISA, European Union
Digital Identity Standards by ENISA, European Unionsoranun1
 
Mobile Connections – FIDO Alliance and GSMA Presentation
Mobile Connections – FIDO Alliance and GSMA PresentationMobile Connections – FIDO Alliance and GSMA Presentation
Mobile Connections – FIDO Alliance and GSMA PresentationFIDO Alliance
 
Identity Tech Talks #3 FIDO futur of authentication
Identity Tech Talks #3 FIDO futur of authenticationIdentity Tech Talks #3 FIDO futur of authentication
Identity Tech Talks #3 FIDO futur of authenticationLeonard Moustacchis
 
Juanjo Hierro - Integrating Trust and IAM with trading in Data Space Connect...
Juanjo Hierro -  Integrating Trust and IAM with trading in Data Space Connect...Juanjo Hierro -  Integrating Trust and IAM with trading in Data Space Connect...
Juanjo Hierro - Integrating Trust and IAM with trading in Data Space Connect...FIWARE
 
OCR DETECTION AND BIOMETRIC AUTHENTICATED CREDIT CARD PAYMENT SYSTEM.
OCR DETECTION AND BIOMETRIC AUTHENTICATED CREDIT CARD PAYMENT SYSTEM.OCR DETECTION AND BIOMETRIC AUTHENTICATED CREDIT CARD PAYMENT SYSTEM.
OCR DETECTION AND BIOMETRIC AUTHENTICATED CREDIT CARD PAYMENT SYSTEM.IRJET Journal
 
Strong Customer Authentication & Biometrics
Strong Customer Authentication & BiometricsStrong Customer Authentication & Biometrics
Strong Customer Authentication & BiometricsFIDO Alliance
 
FIDO & GSMA Mobile Connect
FIDO & GSMA Mobile ConnectFIDO & GSMA Mobile Connect
FIDO & GSMA Mobile ConnectFIDO Alliance
 
swift_standards_masterclass_2019_presentation (1).pdf
swift_standards_masterclass_2019_presentation (1).pdfswift_standards_masterclass_2019_presentation (1).pdf
swift_standards_masterclass_2019_presentation (1).pdfPragashAdhimoolam1
 
Bicycle to vehicle communications connectivity scott kasin - trek
Bicycle to vehicle communications connectivity   scott kasin - trekBicycle to vehicle communications connectivity   scott kasin - trek
Bicycle to vehicle communications connectivity scott kasin - trekKevin Mayne
 
Strong Customer Authentication & Biometrics
Strong Customer Authentication & BiometricsStrong Customer Authentication & Biometrics
Strong Customer Authentication & BiometricsFIDO Alliance
 
The FIDO Alliance Today: Status and News
The FIDO Alliance Today: Status and NewsThe FIDO Alliance Today: Status and News
The FIDO Alliance Today: Status and NewsFIDO Alliance
 
FIDO Workshop at the Cloud Identity Summit: FIDO Alliance Overview
FIDO Workshop at the Cloud Identity Summit: FIDO Alliance OverviewFIDO Workshop at the Cloud Identity Summit: FIDO Alliance Overview
FIDO Workshop at the Cloud Identity Summit: FIDO Alliance OverviewFIDO Alliance
 
Introduction to FIDO and eIDAS Services
Introduction to FIDO and eIDAS ServicesIntroduction to FIDO and eIDAS Services
Introduction to FIDO and eIDAS ServicesFIDO Alliance
 

Similar to Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx (20)

FIDO, Strong Authentication and elD in Germany
FIDO, Strong Authentication and elD in GermanyFIDO, Strong Authentication and elD in Germany
FIDO, Strong Authentication and elD in Germany
 
Enisa report e idas compliant eid solution
Enisa report   e idas compliant eid solutionEnisa report   e idas compliant eid solution
Enisa report e idas compliant eid solution
 
FIDO Authentication in Hong Kong
FIDO Authentication in Hong KongFIDO Authentication in Hong Kong
FIDO Authentication in Hong Kong
 
FIDO & PSD2: Solving the Strong Customer Authentication Challenge in Europe
FIDO & PSD2: Solving the Strong Customer Authentication Challenge in EuropeFIDO & PSD2: Solving the Strong Customer Authentication Challenge in Europe
FIDO & PSD2: Solving the Strong Customer Authentication Challenge in Europe
 
PPT, ENISA, service delivery webinar 310522
PPT, ENISA, service delivery webinar 310522PPT, ENISA, service delivery webinar 310522
PPT, ENISA, service delivery webinar 310522
 
IPID consultation FG2A-france_response vfin
IPID consultation FG2A-france_response vfinIPID consultation FG2A-france_response vfin
IPID consultation FG2A-france_response vfin
 
Mobile Connect and the FIDO standards
Mobile Connect and the FIDO standardsMobile Connect and the FIDO standards
Mobile Connect and the FIDO standards
 
Digital Identity Standards by ENISA, European Union
Digital Identity Standards by ENISA, European UnionDigital Identity Standards by ENISA, European Union
Digital Identity Standards by ENISA, European Union
 
Mobile Connections – FIDO Alliance and GSMA Presentation
Mobile Connections – FIDO Alliance and GSMA PresentationMobile Connections – FIDO Alliance and GSMA Presentation
Mobile Connections – FIDO Alliance and GSMA Presentation
 
Identity Tech Talks #3 FIDO futur of authentication
Identity Tech Talks #3 FIDO futur of authenticationIdentity Tech Talks #3 FIDO futur of authentication
Identity Tech Talks #3 FIDO futur of authentication
 
Juanjo Hierro - Integrating Trust and IAM with trading in Data Space Connect...
Juanjo Hierro -  Integrating Trust and IAM with trading in Data Space Connect...Juanjo Hierro -  Integrating Trust and IAM with trading in Data Space Connect...
Juanjo Hierro - Integrating Trust and IAM with trading in Data Space Connect...
 
OCR DETECTION AND BIOMETRIC AUTHENTICATED CREDIT CARD PAYMENT SYSTEM.
OCR DETECTION AND BIOMETRIC AUTHENTICATED CREDIT CARD PAYMENT SYSTEM.OCR DETECTION AND BIOMETRIC AUTHENTICATED CREDIT CARD PAYMENT SYSTEM.
OCR DETECTION AND BIOMETRIC AUTHENTICATED CREDIT CARD PAYMENT SYSTEM.
 
Strong Customer Authentication & Biometrics
Strong Customer Authentication & BiometricsStrong Customer Authentication & Biometrics
Strong Customer Authentication & Biometrics
 
FIDO & GSMA Mobile Connect
FIDO & GSMA Mobile ConnectFIDO & GSMA Mobile Connect
FIDO & GSMA Mobile Connect
 
swift_standards_masterclass_2019_presentation (1).pdf
swift_standards_masterclass_2019_presentation (1).pdfswift_standards_masterclass_2019_presentation (1).pdf
swift_standards_masterclass_2019_presentation (1).pdf
 
Bicycle to vehicle communications connectivity scott kasin - trek
Bicycle to vehicle communications connectivity   scott kasin - trekBicycle to vehicle communications connectivity   scott kasin - trek
Bicycle to vehicle communications connectivity scott kasin - trek
 
Strong Customer Authentication & Biometrics
Strong Customer Authentication & BiometricsStrong Customer Authentication & Biometrics
Strong Customer Authentication & Biometrics
 
The FIDO Alliance Today: Status and News
The FIDO Alliance Today: Status and NewsThe FIDO Alliance Today: Status and News
The FIDO Alliance Today: Status and News
 
FIDO Workshop at the Cloud Identity Summit: FIDO Alliance Overview
FIDO Workshop at the Cloud Identity Summit: FIDO Alliance OverviewFIDO Workshop at the Cloud Identity Summit: FIDO Alliance Overview
FIDO Workshop at the Cloud Identity Summit: FIDO Alliance Overview
 
Introduction to FIDO and eIDAS Services
Introduction to FIDO and eIDAS ServicesIntroduction to FIDO and eIDAS Services
Introduction to FIDO and eIDAS Services
 

More from LoriGlavin3

Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
FIDO Securty Key UX Guidelines Webinar Sept 2022.pptx
FIDO Securty Key UX Guidelines Webinar Sept 2022.pptxFIDO Securty Key UX Guidelines Webinar Sept 2022.pptx
FIDO Securty Key UX Guidelines Webinar Sept 2022.pptxLoriGlavin3
 

More from LoriGlavin3 (9)

Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
FIDO Securty Key UX Guidelines Webinar Sept 2022.pptx
FIDO Securty Key UX Guidelines Webinar Sept 2022.pptxFIDO Securty Key UX Guidelines Webinar Sept 2022.pptx
FIDO Securty Key UX Guidelines Webinar Sept 2022.pptx
 

Recently uploaded

“Iamnobody89757” Understanding the Mysterious of Digital Identity.pdf
“Iamnobody89757” Understanding the Mysterious of Digital Identity.pdf“Iamnobody89757” Understanding the Mysterious of Digital Identity.pdf
“Iamnobody89757” Understanding the Mysterious of Digital Identity.pdfMuhammad Subhan
 
Design Guidelines for Passkeys 2024.pptx
Design Guidelines for Passkeys 2024.pptxDesign Guidelines for Passkeys 2024.pptx
Design Guidelines for Passkeys 2024.pptxFIDO Alliance
 
State of the Smart Building Startup Landscape 2024!
State of the Smart Building Startup Landscape 2024!State of the Smart Building Startup Landscape 2024!
State of the Smart Building Startup Landscape 2024!Memoori
 
Revolutionizing SAP® Processes with Automation and Artificial Intelligence
Revolutionizing SAP® Processes with Automation and Artificial IntelligenceRevolutionizing SAP® Processes with Automation and Artificial Intelligence
Revolutionizing SAP® Processes with Automation and Artificial IntelligencePrecisely
 
(Explainable) Data-Centric AI: what are you explaininhg, and to whom?
(Explainable) Data-Centric AI: what are you explaininhg, and to whom?(Explainable) Data-Centric AI: what are you explaininhg, and to whom?
(Explainable) Data-Centric AI: what are you explaininhg, and to whom?Paolo Missier
 
Syngulon - Selection technology May 2024.pdf
Syngulon - Selection technology May 2024.pdfSyngulon - Selection technology May 2024.pdf
Syngulon - Selection technology May 2024.pdfSyngulon
 
Event-Driven Architecture Masterclass: Integrating Distributed Data Stores Ac...
Event-Driven Architecture Masterclass: Integrating Distributed Data Stores Ac...Event-Driven Architecture Masterclass: Integrating Distributed Data Stores Ac...
Event-Driven Architecture Masterclass: Integrating Distributed Data Stores Ac...ScyllaDB
 
Hyatt driving innovation and exceptional customer experiences with FIDO passw...
Hyatt driving innovation and exceptional customer experiences with FIDO passw...Hyatt driving innovation and exceptional customer experiences with FIDO passw...
Hyatt driving innovation and exceptional customer experiences with FIDO passw...FIDO Alliance
 
JavaScript Usage Statistics 2024 - The Ultimate Guide
JavaScript Usage Statistics 2024 - The Ultimate GuideJavaScript Usage Statistics 2024 - The Ultimate Guide
JavaScript Usage Statistics 2024 - The Ultimate GuidePixlogix Infotech
 
How we scaled to 80K users by doing nothing!.pdf
How we scaled to 80K users by doing nothing!.pdfHow we scaled to 80K users by doing nothing!.pdf
How we scaled to 80K users by doing nothing!.pdfSrushith Repakula
 
UiPath manufacturing technology benefits and AI overview
UiPath manufacturing technology benefits and AI overviewUiPath manufacturing technology benefits and AI overview
UiPath manufacturing technology benefits and AI overviewDianaGray10
 
Working together SRE & Platform Engineering
Working together SRE & Platform EngineeringWorking together SRE & Platform Engineering
Working together SRE & Platform EngineeringMarcus Vechiato
 
Observability Concepts EVERY Developer Should Know (DevOpsDays Seattle)
Observability Concepts EVERY Developer Should Know (DevOpsDays Seattle)Observability Concepts EVERY Developer Should Know (DevOpsDays Seattle)
Observability Concepts EVERY Developer Should Know (DevOpsDays Seattle)Paige Cruz
 
ChatGPT and Beyond - Elevating DevOps Productivity
ChatGPT and Beyond - Elevating DevOps ProductivityChatGPT and Beyond - Elevating DevOps Productivity
ChatGPT and Beyond - Elevating DevOps ProductivityVictorSzoltysek
 
Design and Development of a Provenance Capture Platform for Data Science
Design and Development of a Provenance Capture Platform for Data ScienceDesign and Development of a Provenance Capture Platform for Data Science
Design and Development of a Provenance Capture Platform for Data SciencePaolo Missier
 
Vector Search @ sw2con for slideshare.pptx
Vector Search @ sw2con for slideshare.pptxVector Search @ sw2con for slideshare.pptx
Vector Search @ sw2con for slideshare.pptxjbellis
 
Harnessing Passkeys in the Battle Against AI-Powered Cyber Threats.pptx
Harnessing Passkeys in the Battle Against AI-Powered Cyber Threats.pptxHarnessing Passkeys in the Battle Against AI-Powered Cyber Threats.pptx
Harnessing Passkeys in the Battle Against AI-Powered Cyber Threats.pptxFIDO Alliance
 
Top 10 CodeIgniter Development Companies
Top 10 CodeIgniter Development CompaniesTop 10 CodeIgniter Development Companies
Top 10 CodeIgniter Development CompaniesTopCSSGallery
 
WebAssembly is Key to Better LLM Performance
WebAssembly is Key to Better LLM PerformanceWebAssembly is Key to Better LLM Performance
WebAssembly is Key to Better LLM PerformanceSamy Fodil
 
Using IESVE for Room Loads Analysis - UK & Ireland
Using IESVE for Room Loads Analysis - UK & IrelandUsing IESVE for Room Loads Analysis - UK & Ireland
Using IESVE for Room Loads Analysis - UK & IrelandIES VE
 

Recently uploaded (20)

“Iamnobody89757” Understanding the Mysterious of Digital Identity.pdf
“Iamnobody89757” Understanding the Mysterious of Digital Identity.pdf“Iamnobody89757” Understanding the Mysterious of Digital Identity.pdf
“Iamnobody89757” Understanding the Mysterious of Digital Identity.pdf
 
Design Guidelines for Passkeys 2024.pptx
Design Guidelines for Passkeys 2024.pptxDesign Guidelines for Passkeys 2024.pptx
Design Guidelines for Passkeys 2024.pptx
 
State of the Smart Building Startup Landscape 2024!
State of the Smart Building Startup Landscape 2024!State of the Smart Building Startup Landscape 2024!
State of the Smart Building Startup Landscape 2024!
 
Revolutionizing SAP® Processes with Automation and Artificial Intelligence
Revolutionizing SAP® Processes with Automation and Artificial IntelligenceRevolutionizing SAP® Processes with Automation and Artificial Intelligence
Revolutionizing SAP® Processes with Automation and Artificial Intelligence
 
(Explainable) Data-Centric AI: what are you explaininhg, and to whom?
(Explainable) Data-Centric AI: what are you explaininhg, and to whom?(Explainable) Data-Centric AI: what are you explaininhg, and to whom?
(Explainable) Data-Centric AI: what are you explaininhg, and to whom?
 
Syngulon - Selection technology May 2024.pdf
Syngulon - Selection technology May 2024.pdfSyngulon - Selection technology May 2024.pdf
Syngulon - Selection technology May 2024.pdf
 
Event-Driven Architecture Masterclass: Integrating Distributed Data Stores Ac...
Event-Driven Architecture Masterclass: Integrating Distributed Data Stores Ac...Event-Driven Architecture Masterclass: Integrating Distributed Data Stores Ac...
Event-Driven Architecture Masterclass: Integrating Distributed Data Stores Ac...
 
Hyatt driving innovation and exceptional customer experiences with FIDO passw...
Hyatt driving innovation and exceptional customer experiences with FIDO passw...Hyatt driving innovation and exceptional customer experiences with FIDO passw...
Hyatt driving innovation and exceptional customer experiences with FIDO passw...
 
JavaScript Usage Statistics 2024 - The Ultimate Guide
JavaScript Usage Statistics 2024 - The Ultimate GuideJavaScript Usage Statistics 2024 - The Ultimate Guide
JavaScript Usage Statistics 2024 - The Ultimate Guide
 
How we scaled to 80K users by doing nothing!.pdf
How we scaled to 80K users by doing nothing!.pdfHow we scaled to 80K users by doing nothing!.pdf
How we scaled to 80K users by doing nothing!.pdf
 
UiPath manufacturing technology benefits and AI overview
UiPath manufacturing technology benefits and AI overviewUiPath manufacturing technology benefits and AI overview
UiPath manufacturing technology benefits and AI overview
 
Working together SRE & Platform Engineering
Working together SRE & Platform EngineeringWorking together SRE & Platform Engineering
Working together SRE & Platform Engineering
 
Observability Concepts EVERY Developer Should Know (DevOpsDays Seattle)
Observability Concepts EVERY Developer Should Know (DevOpsDays Seattle)Observability Concepts EVERY Developer Should Know (DevOpsDays Seattle)
Observability Concepts EVERY Developer Should Know (DevOpsDays Seattle)
 
ChatGPT and Beyond - Elevating DevOps Productivity
ChatGPT and Beyond - Elevating DevOps ProductivityChatGPT and Beyond - Elevating DevOps Productivity
ChatGPT and Beyond - Elevating DevOps Productivity
 
Design and Development of a Provenance Capture Platform for Data Science
Design and Development of a Provenance Capture Platform for Data ScienceDesign and Development of a Provenance Capture Platform for Data Science
Design and Development of a Provenance Capture Platform for Data Science
 
Vector Search @ sw2con for slideshare.pptx
Vector Search @ sw2con for slideshare.pptxVector Search @ sw2con for slideshare.pptx
Vector Search @ sw2con for slideshare.pptx
 
Harnessing Passkeys in the Battle Against AI-Powered Cyber Threats.pptx
Harnessing Passkeys in the Battle Against AI-Powered Cyber Threats.pptxHarnessing Passkeys in the Battle Against AI-Powered Cyber Threats.pptx
Harnessing Passkeys in the Battle Against AI-Powered Cyber Threats.pptx
 
Top 10 CodeIgniter Development Companies
Top 10 CodeIgniter Development CompaniesTop 10 CodeIgniter Development Companies
Top 10 CodeIgniter Development Companies
 
WebAssembly is Key to Better LLM Performance
WebAssembly is Key to Better LLM PerformanceWebAssembly is Key to Better LLM Performance
WebAssembly is Key to Better LLM Performance
 
Using IESVE for Room Loads Analysis - UK & Ireland
Using IESVE for Room Loads Analysis - UK & IrelandUsing IESVE for Room Loads Analysis - UK & Ireland
Using IESVE for Room Loads Analysis - UK & Ireland
 

Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx

  • 1. 1 © FIDO Alliance 2023 Use of FIDO in the Payments and Identity Landscape Henna Kapur Director of Authentication Products, Visa Co-Chair, FIDO Alliance European Workgroup hwadhwan@visa.com Sebastian Elfors Senior Architect, IDnow FIDO Alliance European Workgroup sebastian.elfors@idnow.io
  • 2. 2 © FIDO Alliance 2023 FIDO European Working Group Who are we and what are we up-to? Our Mission • Facilitate communication and cooperation within the European market • Improve FIDO awareness • Two key workstreams for the working group - Identity and Payment Authentication
  • 3. 3 © FIDO Alliance 2023 Identity and FIDO
  • 4. 4 © FIDO Alliance 2023 eIDAS2 legislation –What is it and Why it matters?  eIDAS = electronic Identification, Authentication and Trust Services  eIDAS regulation in force since 2014  eIDAS2 is an amendment, will be in force during 2024  Major topics for eIDAS2:  eIDAS2 regulation and the implementing acts  EUDI Wallet: Specified in Architecture and Reference Framework (ARF)  Large Scale Pilots (LSPs): Four consortia with different use cases  Consortia: DC4EU, EWC, NOBID, POTENTIAL  Use cases: mobile driving license, payments, healthcare, education, travel, etc  FIDO considered for use with DC4EU, EWC and NOBID cloud-based wallets
  • 5. 5 © FIDO Alliance 2023 eIDAS2 timeline 2024 2025 2026 Feb 2024 EU parliament vote EUDI Wallet reference application evaluation Implementing acts Ongoing ARF updates based on LSP progress and feedback Apr 2024 eIDAS2 in force LSP development | LSP testing & piloting National EUDI Wallet implementations and roll out Apr 2025 Implementing acts final CEN/ETSI standardization
  • 6. 6 © FIDO Alliance 2023 Roles in the EUDI Wallet eco-system (by the ARF)
  • 7. 7 © FIDO Alliance 2023 7 FIDO use cases for eIDAS2
  • 8. 8 © FIDO Alliance 2023 Other notable publications for reference  FIDO eIDAS white paper 2020: https://fidoalliance.org/white-paper-using-fido-with-eidas-services/  FIDO eIDAS white paper summary 2020: https://fidoalliance.org/white-paper-introduction-of-fido-eidas-services/  FIDO eIDAS blog post 2021: https://fidoalliance.org/fido-recognition-for-european-digital-identity-systems-and- eidas-grows/  FIDO EUDI Wallet white paper 2023: https://fidoalliance.org/white-paper-using-fido-for-the-eudi-wallet/  FIDO eIDAS2 blog post 2023: https://fidoalliance.org/the-eu-organizations-enisa-and-etsi-refer-to-fido-as- authentication-standard-for-eidas2/
  • 9. 9 © FIDO Alliance 2023 Payment Authentication and FIDO
  • 10. 10 © FIDO Alliance 2023 In Europe, roughly 30% of all e-commerce goes through step- up where cardholder 2FA is required  FIDO authentication using Passkeys can simplify this journey with a more seamless, phishing resistant authentication experience.  Passkeys along with additional device identification/binding mechanism can create a compliant authentication journey in Europe.
  • 11. 11 © FIDO Alliance 2023 Cardholder – UX Journey ID&Vfollowed by FIDOEnrollment Confirmed cardholder identity with bank Establish chain of trust
  • 12. 12 © FIDO Alliance 2023 Cardholder – UX Journey Subsequentauthenticationusing FIDO Reduced friction for returning cardholder Phishing resistant authentication Consistent experience on browser and apps
  • 13. 13 © FIDO Alliance 2023 Collaboration with EMVCo  Continuous collaboration since 2016  Two working groups that discuss FIDO related initiatives  Work item at the EMV3DS Working Group  Goal is to define how EMV3DS messages can be used to pass FIDO authentication data across the EMV payments ecosystem i.e. between Merchants, PSP’s, banks in a 3DS transaction.  Most recent white paper:  https://fidoalliance.org/emvco-and-fido-alliance-provide-essential-guidance-on-use-of-fido- with-emv-3ds/  This paper calls out,  a data structure that allows for a chain of trust to be established between cardholder authentication, FIDO enrolments and FIDO authentication, hence giving issuers increased control and insight into the authentication process  Secure Remote Commerce working group  Goal is to support FIDO as an authentication method as part of remote commerce transactions  Specifications 1.3 have introduced FIDO2 as a card issuer verification method and as an authentication method  More use cases with FIDO under review
  • 14. 14 © FIDO Alliance 2023 Collaboration with W3C and EMVCo Secure Payment Confirmation What is SPC and What are its benefits?  Secure Payment Confirmation (SPC) is an extension to the WebAuthn standard.  It enhances the consumer experience when authenticating to a transaction with a FIDO passkey through a standardized payment context screen.  Cross origin authentication – it allows for credentials created in one domain to be used in another domain based on input parameters (subject to permission by the original Relying party). Dependencies  Requires EMV3DS 2.3 support to work with banks, when SPC is used in the context of EMV 3DS  Currently only supported on Chrome Note: Upcoming publication by FIDO EU Working Group to further deep dive into SPC!
  • 15. 15 © FIDO Alliance 2023 What about PSD3? Commission proposals on PSD3/PSR June 2023 Agreement on Final text Q1/Q2 2025 EBA to update RTS on SCA 12 months after publication* Publication of final updated RTS on SCA 2026/2027** Political negotiations among EU institutions (Commission, Parliament and Council) 2023 2024 2025 2026 2027 2028 Entry into force of updated RTS on SCA 2027/2028 Publication in the Official Journal 1-2 months after political agreement * EBA supposed to update RTS on SCA 12 months after publication but given all the Level 2 (RTS and Guidance) they need to do this process could be delayed. ** Delay in publication of Draft RTS on SCA would delay the whole approval process. (RTS on SCA will include detail provisions on outsourcing requirements for SCA) *** The EBA continues to work on its Q&A tool – At any point in time there can be new Q&As that clarify provisions of SCA. Parliament vote on its position April 2024 Recap on the current timeline Engagement by FIDO EU Working group As a working group, We intend to provide feedback when the RTS on SCA is drafted and open for consultation.
  • 16. 16 © FIDO Alliance 2023 16 © FIDO Alliance 2023 Thank you for your interest! Questions?

Editor's Notes

  1. Sebastian.
  2. Sebastian.
  3. Sebastian.
  4. Sebastian.
  5. Sebastian.