Upload
fido-alliance
View
506
Download
2
Embed Size (px)
Citation preview
Introduction to the FIDO AllianceVision and Status
All Rights Reserved. FIDO Alliance. Copyright 2016.
1
Brett McDowell, Executive [email protected]
2All Rights Reserved | FIDO Alliance | Copyright 2016.
The FIDO VisionProgress through 2016
The Road Ahead
THE FIDO VISION
All Rights Reserved | FIDO Alliance | 2016 4
Formed in 2012 to Solve the Password Problem
63% of data breaches in 2015 involved weak,
default, or stolen
passwords-Verizon Data Breach
Report
Data breaches expected to reach
1,000 in 2016 up 22% from 2015
-Identity Theft Resource Center
Each data breach costs
$3.8 million on average
up 23% from 2013-Ponemon Institute
The FIDO Alliance is an open industry association of over 250 organizations with a focused mission: authentication standards
5
FIDO Alliance Mission
Develop Specifications
Operate Adoption Programs
Pursue Formal Standardization
1 2 3
6All Rights Reserved. FIDO Alliance. Copyright 2016.
define an open, scalable, interoperable set of mechanisms that supplant reliance on passwords to authenticate users of online services
Board Members
All Rights Reserved. FIDO Alliance. Copyright 2016.
7
FIDOSPECIFICATIONSonline authentication usingpublic key cryptography
HOW “Shared Secrets” WORK
ONLINE
The user authenticates themselves online by presenting a human-
readable “shared secret”
HOW FIDO WORKS
AUTHENTICATOR
LOCAL ONLINE
The user authenticates
“locally” to their device (by various
means)
The device authenticates the user online using
public key cryptography
All Rights Reserved. FIDO Alliance. Copyright 2016. 10
All Rights Reserved. FIDO Alliance. Copyright 2016.
11
Support for Two Authentication Experiences
7All Rights Reserved. FIDO Alliance. Copyright 2016.
OPEN STANDARDS R.O.I.FIDO-ENABLE ONCEGAIN EVERY DEVICE YOU
TRUSTNO MORE ONE-OFF
INTEGRATIONSAll Rights Reserved. FIDO Alliance. Copyright 2016. 12
USABILITY, SECURITY, R.O.I. and
PRIVACYAll Rights Reserved. FIDO Alliance. Copyright 2016. 13
No 3rd Party in the Protocol
No Secrets on the Server Side
Biometric Data (if used) Never Leaves Device
No (*new*) Link-ability Between Services
No (*new*) Link-ability Between Accounts
14
Summary: FIDO Authentication Delivers
15
All Rights Reserved | FIDO Alliance | 2016
Better securityfor online services
Reduced costfor the enterprise
Simpler and saferfor users
All Rights Reserved. FIDO Alliance. Copyright 2016. 1616
All Rights Reserved. FIDO Alliance. Copyright 2016.
PROGRESS THROUGH 2016: DEVELOPMENT
FIDO Development History
FIDO 1.0 FINAL
First Deployments UAF & U2F
Specification Review DraftFIDO
Ready ProgramAlliance
Announced
FEB
2013
DEC 2013
FEB 2014
FEB-OCT 2014
DEC 92014
MAY 2015
FEB2016
Formal Standardizatio
n
JUNE 2015
Certification Program
New U2F Transports
17
All Rights Reserved. FIDO Alliance. Copyright 2016.
NOV2016
FIDO 1.1
FIDO 1.1 Specifications Enhancements
All Rights Reserved. FIDO Alliance. Copyright 2016. 18
UAF
U2F
All Rights Reserved. FIDO Alliance. Copyright 2016. 1919
All Rights Reserved. FIDO Alliance. Copyright 2016.
PROGRESS THROUGH 2016: ADOPTION
Certification Growth
20
All Rights Reserved. FIDO Alliance. Copyright 2016.
An open competitive market Ensures interoperability Sign of mature FIDO
ecosystem
250+
FIDO® Certified products available today
Apr-15 Jul-15 Sep-15 Dec-15 Mar-16 May-16 Aug-16
152
6432
62 74108
162
216
253 TOTAL
21
All Rights Reserved. FIDO Alliance. Copyright 2016.
FIDO Certified
FIDO in the Android Ecosystem
22
All Rights Reserved. FIDO Alliance. Copyright 2016.
S5, Mini
Alpha
Note 4,5
Note Edge
Tab S, Tab S2
S6,S6
Edge
S7,S7
Edge
Vernee Thor
Aquos Zeta
Xperia Z5 SO-01H
Xperia Z5 Compact SO-02H
Xperia Z5 Premium SO-03H
Mate 8
V1 0
G5
Phab2 Phab2 ProPlus
Z2, Z2 Pro
Arrows NX
Arrows Fit
Arrows Tab
Xperia X Performance
Xperia XZ Xperia X Compact SO-02J
All Rights Reserved. FIDO Alliance. Copyright 2016.
iPhone SE iPhone & iPhone+
iPad Air, Mini iPad Pro
FIDO in the Apple Ecosystem
Supported iOS Fingerprint Devices
23
24
All Rights Reserved. FIDO Alliance. Copyright 2016.
FIDO in the Windows and Web EcosystemsWindows Platforms
Web
Yoga 910
25
Global Leaders Deploy FIDO
ConfidentialFIDO Alliance | All Rights Reserved | Copyright 2016
All Rights Reserved. FIDO Alliance. Copyright 2016. 2626
All Rights Reserved. FIDO Alliance. Copyright 2016.
FIDO: THE ROAD AHEAD
All Rights Reserved | FIDO Alliance | 2016 27
The Road Ahead
W3C Web Authentication Specification
Standards Effort with
EMVCo
Client-to-Authenticator
Protocol (CTAP)
FIDO Gold Server + New Certification
Programs
2017 Is a Milestone Year in the Making
28
All Rights Reserved. FIDO Alliance. Copyright 2016.
1. FIDO ubiquity through Web Platform standardization
2. FIDO ubiquity on mobile through CDCVM in Mobile Payments
3. New FIDO use cases: “companion device” authentication
4. New Certification Programs for a quickly maturing marketplace
THANK YOU
All Rights Reserved. FIDO Alliance. Copyright 2016.
Brett McDowell, executive [email protected]
29