Download - FIDO Alliance – Security and Identity
![Page 1: FIDO Alliance – Security and Identity](https://reader034.vdocuments.us/reader034/viewer/2022051404/584c2eb81a28ab85738e4df0/html5/thumbnails/1.jpg)
Michael Barrett, President, FIDO Alliance
London October 10, 2013
www.fidoalliance.org Copyright 2013, The FIDO Alliance
All Rights Reserved 1
![Page 2: FIDO Alliance – Security and Identity](https://reader034.vdocuments.us/reader034/viewer/2022051404/584c2eb81a28ab85738e4df0/html5/thumbnails/2.jpg)
Ø Consumerization of enterprise IT
Ø OEMs acquiring/developing fingerprint sensor capability
Ø Open standards development – FIDO
Ø Holistic ecosystem safety - Shared Signals
Trends in authentication
www.fidoalliance.org Copyright 2013, The FIDO Alliance
All Rights Reserved 20
![Page 3: FIDO Alliance – Security and Identity](https://reader034.vdocuments.us/reader034/viewer/2022051404/584c2eb81a28ab85738e4df0/html5/thumbnails/3.jpg)
iPhone 5 authentication as a driver
• Users are at the center of a world of connected intelligence
• Consumerization of enterprise IT is an unstoppable trend
• Apple’s Touch ID is well architected
• Expect to see penetration of these devices into new domains
• Standards are critical to proliferation
Copyright 2013, The FIDO Alliance All Rights Reserved www.fidoalliance.org 2
![Page 4: FIDO Alliance – Security and Identity](https://reader034.vdocuments.us/reader034/viewer/2022051404/584c2eb81a28ab85738e4df0/html5/thumbnails/4.jpg)
Opportunity for Better Authentication is Upon Us
For Users For Organizations
Painful to Use
• 25 Accounts • 8 Logins / Day • 6.5 Passwords
Difficult to Secure
• $5.5M / Data Breach • $15M / PWD Reset • $60+ / Token
For the Ecosystem
Impossible to Scale
• Fragmented • Inflexible • Slow to Adopt
www.fidoalliance.org Copyright 2013, The FIDO Alliance
All Rights Reserved 3
![Page 5: FIDO Alliance – Security and Identity](https://reader034.vdocuments.us/reader034/viewer/2022051404/584c2eb81a28ab85738e4df0/html5/thumbnails/5.jpg)
Common experiences related to authentication failure (respondents who say it happened to them one or more times over the past 2 years)
Users are frustrated - password complexity requirements working against them instead of supporting them
Experiences with Identity and Authentication
www.fidoalliance.org Copyright 2013, The FIDO Alliance
All Rights Reserved 4
![Page 6: FIDO Alliance – Security and Identity](https://reader034.vdocuments.us/reader034/viewer/2022051404/584c2eb81a28ab85738e4df0/html5/thumbnails/6.jpg)
DO YOU REALLY WANT YOUR REFRIGERATOR TO KNOW YOUR PAYPAL
PASSWORD?
Do You Really Want Your Refrigerator to Know Your PayPal Password?
![Page 7: FIDO Alliance – Security and Identity](https://reader034.vdocuments.us/reader034/viewer/2022051404/584c2eb81a28ab85738e4df0/html5/thumbnails/7.jpg)
0
20
40
60
80
100
120
2006 2007 2008 2009 2010 2011 2012
Authentication Vendors
A Full Field…
www.fidoalliance.org Copyright 2013, The FIDO Alliance All Rights Reserved 7
![Page 8: FIDO Alliance – Security and Identity](https://reader034.vdocuments.us/reader034/viewer/2022051404/584c2eb81a28ab85738e4df0/html5/thumbnails/8.jpg)
JUST EASY
“BETTER AUTHENTICATION”
JUST BAD
Hig
h Se
curit
y Lo
w
UNPLEASANT
Low High Usability
Security is not a Continuum…
Copyright 2013, The FIDO Alliance All Rights Reserved www.fidoalliance.org 5
![Page 9: FIDO Alliance – Security and Identity](https://reader034.vdocuments.us/reader034/viewer/2022051404/584c2eb81a28ab85738e4df0/html5/thumbnails/9.jpg)
New Technology Options…
www.fidoalliance.org Copyright 2013, The FIDO Alliance All Rights Reserved 6
![Page 10: FIDO Alliance – Security and Identity](https://reader034.vdocuments.us/reader034/viewer/2022051404/584c2eb81a28ab85738e4df0/html5/thumbnails/10.jpg)
Authentication Standards Combined with Advances in Biometrics Provide a New Path Forward
Copyright 2013, The FIDO Alliance All Rights Reserved www.fidoalliance.org 3
![Page 11: FIDO Alliance – Security and Identity](https://reader034.vdocuments.us/reader034/viewer/2022051404/584c2eb81a28ab85738e4df0/html5/thumbnails/11.jpg)
How FIDO Works
FIDO Authenticators
Website Browser
FIDO Plugin
Device Specific Module
64
1
23 5
Validation Cache
secret secrets
refr
esh
Vendor Tokens FIDO
Repository
www.fidoalliance.org Copyright 2013, The FIDO Alliance All Rights Reserved 8
![Page 12: FIDO Alliance – Security and Identity](https://reader034.vdocuments.us/reader034/viewer/2022051404/584c2eb81a28ab85738e4df0/html5/thumbnails/12.jpg)
• User picks their own token type
• User decides when/if to bind their token to their account
• Existing tokens (like finger) can be used by downloading the FIDO plugin
• User can download the plugin from various sites
• User could have a PIN-protected USB drive to use while travelling
The FIDO “User” Experience
www.fidoalliance.org Copyright 2013, The FIDO Alliance All Rights Reserved 9
![Page 13: FIDO Alliance – Security and Identity](https://reader034.vdocuments.us/reader034/viewer/2022051404/584c2eb81a28ab85738e4df0/html5/thumbnails/13.jpg)
Please say your passphrase to log into your account
Speak
Voice Experience…
www.fidoalliance.org Copyright 2013, The FIDO Alliance All Rights Reserved 10
![Page 14: FIDO Alliance – Security and Identity](https://reader034.vdocuments.us/reader034/viewer/2022051404/584c2eb81a28ab85738e4df0/html5/thumbnails/14.jpg)
Finger Experience…
www.fidoalliance.org Copyright 2013, The FIDO Alliance All Rights Reserved 11
![Page 15: FIDO Alliance – Security and Identity](https://reader034.vdocuments.us/reader034/viewer/2022051404/584c2eb81a28ab85738e4df0/html5/thumbnails/15.jpg)
USB Experience…
www.fidoalliance.org Copyright 2013, The FIDO Alliance All Rights Reserved 12
![Page 16: FIDO Alliance – Security and Identity](https://reader034.vdocuments.us/reader034/viewer/2022051404/584c2eb81a28ab85738e4df0/html5/thumbnails/16.jpg)
16
Additive two-factor Authentication…
Copyright 2013, The FIDO Alliance All Rights Reserved www.fidoalliance.org 13
![Page 17: FIDO Alliance – Security and Identity](https://reader034.vdocuments.us/reader034/viewer/2022051404/584c2eb81a28ab85738e4df0/html5/thumbnails/17.jpg)
Ø The Internet needs better authentication, now Ø Stronger authentication is not “better
authentication” Ø An industry standards based approach is the
only viable way forward Ø “Whether you believe you can do a thing, or
not, you are right” (Henry Ford) www.fidoalliance.org Copyright 2013, The FIDO Alliance
All Rights Reserved 19
![Page 18: FIDO Alliance – Security and Identity](https://reader034.vdocuments.us/reader034/viewer/2022051404/584c2eb81a28ab85738e4df0/html5/thumbnails/18.jpg)
Michael Barrett, CISM, CISSP President, the FIDO Alliance
Thank You for Your Time!
www.fidoalliance.org Copyright 2013, The FIDO Alliance
All Rights Reserved 20
[email protected] http://www.fidoalliance.org