Download - FIDO Overview: Status and Future
![Page 1: FIDO Overview: Status and Future](https://reader031.vdocuments.net/reader031/viewer/2022030310/58f09e5f1a28ab524b8b45d7/html5/thumbnails/1.jpg)
EIC Munich 2015
1
![Page 2: FIDO Overview: Status and Future](https://reader031.vdocuments.net/reader031/viewer/2022030310/58f09e5f1a28ab524b8b45d7/html5/thumbnails/2.jpg)
Overview
2
14:00 14:30 FIDO Now Donal O'Shea, FIDO Alliance
14:30 15:00 FIDO UAF 1.0 Specs: Overview and Insights Rolf Lindemann, Nok Nok Labs
15:00 15:30 FIDO U2F 1.0 Specs: Overview and Insights Alexei Czeskis, Google15:30 15:45 Coffee15:45 16:15 FIDO, PKI & beyond: Where authentication meets
identificationKim Nguyen, D-‐TrustCord Bartels, CBcon
16:15 16:45 Deploying FIDO: Ins and Outs Panel: Moderator Matthias Reinwarth, Kuppinger Cole; Kevin Lynch, Synaptics; Bob Stewart, Sonavation; Michael Poitner, NXP; Chris Woodthorpe, Infineon
16:45 17:45 FIDO Ready™ Products Entersekt-‐Infineon-‐NokNokLabs-‐Yubico
17:45 18:00 Q&A Wrap Up FIDO
![Page 3: FIDO Overview: Status and Future](https://reader031.vdocuments.net/reader031/viewer/2022030310/58f09e5f1a28ab524b8b45d7/html5/thumbnails/3.jpg)
AGENDA
3
Interoperability ProblemPassword ProblemFIDO SolutionAbout FIDO
![Page 4: FIDO Overview: Status and Future](https://reader031.vdocuments.net/reader031/viewer/2022030310/58f09e5f1a28ab524b8b45d7/html5/thumbnails/4.jpg)
The FIDO Story
![Page 5: FIDO Overview: Status and Future](https://reader031.vdocuments.net/reader031/viewer/2022030310/58f09e5f1a28ab524b8b45d7/html5/thumbnails/5.jpg)
The FIDO Story—2
Technology Ecosystem
![Page 6: FIDO Overview: Status and Future](https://reader031.vdocuments.net/reader031/viewer/2022030310/58f09e5f1a28ab524b8b45d7/html5/thumbnails/6.jpg)
AGENDA
6
Interoperability ProblemPassword ProblemFIDO SolutionAbout FIDO
![Page 7: FIDO Overview: Status and Future](https://reader031.vdocuments.net/reader031/viewer/2022030310/58f09e5f1a28ab524b8b45d7/html5/thumbnails/7.jpg)
Cyber crime is out of
CONTROL
7
![Page 8: FIDO Overview: Status and Future](https://reader031.vdocuments.net/reader031/viewer/2022030310/58f09e5f1a28ab524b8b45d7/html5/thumbnails/8.jpg)
708 data breaches
IN 2014...
82 millionpersonal records stolen
8
![Page 9: FIDO Overview: Status and Future](https://reader031.vdocuments.net/reader031/viewer/2022030310/58f09e5f1a28ab524b8b45d7/html5/thumbnails/9.jpg)
Average cost per data breach$3.5 MILLION:
9
$92.3 MILLION:Average annual loss to mobile fraud
![Page 10: FIDO Overview: Status and Future](https://reader031.vdocuments.net/reader031/viewer/2022030310/58f09e5f1a28ab524b8b45d7/html5/thumbnails/10.jpg)
We have a PASSWORD PROBLEM
10
![Page 11: FIDO Overview: Status and Future](https://reader031.vdocuments.net/reader031/viewer/2022030310/58f09e5f1a28ab524b8b45d7/html5/thumbnails/11.jpg)
Passwordsno longer keep us safe
11
![Page 12: FIDO Overview: Status and Future](https://reader031.vdocuments.net/reader031/viewer/2022030310/58f09e5f1a28ab524b8b45d7/html5/thumbnails/12.jpg)
Ill-suited for mobile devices
Kept in centralized databases
Easily broken
12
![Page 13: FIDO Overview: Status and Future](https://reader031.vdocuments.net/reader031/viewer/2022030310/58f09e5f1a28ab524b8b45d7/html5/thumbnails/13.jpg)
Re-used Phished Keylogged
TOO MANY TO REMEMBER, DIFFICULT TO TYPE, AND NOT SECURE
13
![Page 14: FIDO Overview: Status and Future](https://reader031.vdocuments.net/reader031/viewer/2022030310/58f09e5f1a28ab524b8b45d7/html5/thumbnails/14.jpg)
Other mechanisms have not been a success
14
![Page 15: FIDO Overview: Status and Future](https://reader031.vdocuments.net/reader031/viewer/2022030310/58f09e5f1a28ab524b8b45d7/html5/thumbnails/15.jpg)
ONE-TIME CODESImprove security but aren’t easy enough
Still Phishable
Know attacks today
User Experience
User Confusion
Device Usability
One per site/ Fragile
SMS Usability
Coverage/ Delay/ Cost
15
![Page 16: FIDO Overview: Status and Future](https://reader031.vdocuments.net/reader031/viewer/2022030310/58f09e5f1a28ab524b8b45d7/html5/thumbnails/16.jpg)
WE NEED A NEW MODEL
16
![Page 17: FIDO Overview: Status and Future](https://reader031.vdocuments.net/reader031/viewer/2022030310/58f09e5f1a28ab524b8b45d7/html5/thumbnails/17.jpg)
The FIDO Story—3• Relevant companies with compelling interest
– The FIDO founders• PayPal, Lenovo, Nok Nok Labs, Validity Sensors, Infineon,
and Agnitio
– Meetings started about four years ago• Technology — initial scoping and approach• Ecosystem — everybody talk to their friends• Legal —
– Create an organization that » Protects IP and » Prevents antitrust
![Page 18: FIDO Overview: Status and Future](https://reader031.vdocuments.net/reader031/viewer/2022030310/58f09e5f1a28ab524b8b45d7/html5/thumbnails/18.jpg)
Putting It Together
The problem: Simpler, Stronger, Interoperable online authentication
The trend: Local device authentication
Why not:Use local device auth for online authentication?
This is the core idea behind FIDO standards!
![Page 19: FIDO Overview: Status and Future](https://reader031.vdocuments.net/reader031/viewer/2022030310/58f09e5f1a28ab524b8b45d7/html5/thumbnails/19.jpg)
We need™
19
![Page 20: FIDO Overview: Status and Future](https://reader031.vdocuments.net/reader031/viewer/2022030310/58f09e5f1a28ab524b8b45d7/html5/thumbnails/20.jpg)
AGENDA
20
Interoperability ProblemPassword ProblemFIDO SolutionAbout FIDO
![Page 21: FIDO Overview: Status and Future](https://reader031.vdocuments.net/reader031/viewer/2022030310/58f09e5f1a28ab524b8b45d7/html5/thumbnails/21.jpg)
THE FIDO SECURITY
PARADIGM
21
Poor Good
Wea
kSt
rong
USABILITY
SEC
URITY
CurrentSolutions
™
![Page 22: FIDO Overview: Status and Future](https://reader031.vdocuments.net/reader031/viewer/2022030310/58f09e5f1a28ab524b8b45d7/html5/thumbnails/22.jpg)
THE FOCUS ISPRIVACY
22
![Page 23: FIDO Overview: Status and Future](https://reader031.vdocuments.net/reader031/viewer/2022030310/58f09e5f1a28ab524b8b45d7/html5/thumbnails/23.jpg)
23
No 3rd Party in the Protocol
No Secrets on the Server side
Biometric data (if used) never leaves device
No link-ability between Services
No link-ability between Accounts
![Page 24: FIDO Overview: Status and Future](https://reader031.vdocuments.net/reader031/viewer/2022030310/58f09e5f1a28ab524b8b45d7/html5/thumbnails/24.jpg)
THE ECOSYSTEM
Consumers
Enterprises
Online Service Providers
24
![Page 25: FIDO Overview: Status and Future](https://reader031.vdocuments.net/reader031/viewer/2022030310/58f09e5f1a28ab524b8b45d7/html5/thumbnails/25.jpg)
FIDO StandardizationLOGIN USER APPROVAL
REGISTRATION COMPLETE KEY SELECTED
LOGIN CHALLENGE
LOGIN RESPONSE
1 2
4 3
Leverage public key cryptography
ONLINE CRYPTO PROTOCOL
PLUGGABLE LOCAL AUTH
![Page 26: FIDO Overview: Status and Future](https://reader031.vdocuments.net/reader031/viewer/2022030310/58f09e5f1a28ab524b8b45d7/html5/thumbnails/26.jpg)
Not boiling the sea
![Page 27: FIDO Overview: Status and Future](https://reader031.vdocuments.net/reader031/viewer/2022030310/58f09e5f1a28ab524b8b45d7/html5/thumbnails/27.jpg)
Security for providers
Reduced enterprise costs
Simple for consumers
27
![Page 28: FIDO Overview: Status and Future](https://reader031.vdocuments.net/reader031/viewer/2022030310/58f09e5f1a28ab524b8b45d7/html5/thumbnails/28.jpg)
FOR CONSUMERS
Easy to Use Interoperable Private Secure
28
![Page 29: FIDO Overview: Status and Future](https://reader031.vdocuments.net/reader031/viewer/2022030310/58f09e5f1a28ab524b8b45d7/html5/thumbnails/29.jpg)
FOR ENTERPRISES
Reduced cost & complexity
Strong asset protection
Effective BYOD support
29
![Page 30: FIDO Overview: Status and Future](https://reader031.vdocuments.net/reader031/viewer/2022030310/58f09e5f1a28ab524b8b45d7/html5/thumbnails/30.jpg)
FOR ONLINE SERVICE PROVIDERS
Exceptional user experience
Stronger Security
Cost containment
30
![Page 31: FIDO Overview: Status and Future](https://reader031.vdocuments.net/reader031/viewer/2022030310/58f09e5f1a28ab524b8b45d7/html5/thumbnails/31.jpg)
LOWER COST AND COMPLEXITY FOR ONLINE SERVICE PROVIDERS
Single Infrastructure
Any Device
Risk Appropriate
31
![Page 32: FIDO Overview: Status and Future](https://reader031.vdocuments.net/reader031/viewer/2022030310/58f09e5f1a28ab524b8b45d7/html5/thumbnails/32.jpg)
AGENDA
32
Interoperability ProblemPassword ProblemFIDO SolutionAbout FIDO
![Page 33: FIDO Overview: Status and Future](https://reader031.vdocuments.net/reader031/viewer/2022030310/58f09e5f1a28ab524b8b45d7/html5/thumbnails/33.jpg)
FIDO TIMELINE
FIDO 1.0 FINALSpecification
First UAF & U2F Deployments
SpecificationReview DraftFIDO Ready
ProgramAlliance
Announced
FEB2013
DEC2013
FEB2014
FEB-OCT2014
DEC 92014
33
![Page 34: FIDO Overview: Status and Future](https://reader031.vdocuments.net/reader031/viewer/2022030310/58f09e5f1a28ab524b8b45d7/html5/thumbnails/34.jpg)
A broad range ofboard, associate, & sponsor members
34
![Page 35: FIDO Overview: Status and Future](https://reader031.vdocuments.net/reader031/viewer/2022030310/58f09e5f1a28ab524b8b45d7/html5/thumbnails/35.jpg)
Board Members
190 & GROWING…
35
![Page 36: FIDO Overview: Status and Future](https://reader031.vdocuments.net/reader031/viewer/2022030310/58f09e5f1a28ab524b8b45d7/html5/thumbnails/36.jpg)
Sponsor Members
190 & GROWING…
36
![Page 37: FIDO Overview: Status and Future](https://reader031.vdocuments.net/reader031/viewer/2022030310/58f09e5f1a28ab524b8b45d7/html5/thumbnails/37.jpg)
Associate Members
190 & GROWING…
37
![Page 38: FIDO Overview: Status and Future](https://reader031.vdocuments.net/reader031/viewer/2022030310/58f09e5f1a28ab524b8b45d7/html5/thumbnails/38.jpg)
InfineonNSP
NNL
A range of FIDO PRODUCTS is now available
38
![Page 39: FIDO Overview: Status and Future](https://reader031.vdocuments.net/reader031/viewer/2022030310/58f09e5f1a28ab524b8b45d7/html5/thumbnails/39.jpg)
39
1.0 Specification
Online Services
Chip Providers
Device Providers
Biometrics Technology Providers
Enterprise Servers
Open Source sw/servers
Mobile Aps & clients
Browsers
![Page 40: FIDO Overview: Status and Future](https://reader031.vdocuments.net/reader031/viewer/2022030310/58f09e5f1a28ab524b8b45d7/html5/thumbnails/40.jpg)
The FIDO Alliance
UAF Working Group
U2F Working Group
CertificationWorking Group
Marketing Working Group
Privacy and Public Policy
Working Group
Board of Directors
ExecutiveDirector
FIDO AllianceStaff
FIDO 2.0 Working Group
![Page 41: FIDO Overview: Status and Future](https://reader031.vdocuments.net/reader031/viewer/2022030310/58f09e5f1a28ab524b8b45d7/html5/thumbnails/41.jpg)
JOIN THE FIDO ALLIANCE
41
![Page 42: FIDO Overview: Status and Future](https://reader031.vdocuments.net/reader031/viewer/2022030310/58f09e5f1a28ab524b8b45d7/html5/thumbnails/42.jpg)
Join FIDO• Three levels of membership– Board of Directors–Member– Associate
• Website– www.fidoalliance.org
• Email me– [email protected]
![Page 43: FIDO Overview: Status and Future](https://reader031.vdocuments.net/reader031/viewer/2022030310/58f09e5f1a28ab524b8b45d7/html5/thumbnails/43.jpg)
EXPERIENCE SIMPLER, STRONGER AUTHENTICATION
43