1. All Rights Reserved | FIDO Alliance | Copyright 20171
FIDO Certified Program:
Status & Futures
Adam Powers
Technical Director
FIDO Alliance
2. Certification Goals
• Enable implementations to be identified as
officially FIDO certified
• Ensure interoperability between FIDO
officially recognized implementations
• Promote the adoption of the FIDO
ecosystem
2
All Rights Reserved | FIDO Alliance | Copyright 2017
3. Certification Overview
Available to both members and non-members
Four steps to certification
3
All Rights Reserved | FIDO Alliance | Copyright 2017
4. 4
All Rights Reserved | FIDO Alliance | Copyright 2017
Deployments are enabled by
100+ 340+ FIDO® Certified products
available today
5. Certification Growth
5
All Rights Reserved | FIDO Alliance | Copyright 2017
TOTAL
343
Apr-15 Jul-15 Sep-15 Dec-15 Mar-16 May-16 Aug-16 Dec-16 May-17
254
89
6. Korean Market Growth
Most markets seeing
healthy growth…
Huge spike in Korean
certifications in 2016
6
All Rights Reserved | FIDO Alliance | Copyright 2016
7. 9
S5, Mini Alpha Note 4,5 Note
Edge
Tab S,
Tab S2
S6,
S6 Edge
S7,
S7 Edge
Vernee
Thor
Xperia Z5
SO-01H
Xperia Z5
Compact
SO-02H
Xperia Z5
Premium
SO-03H
Mate 8
V10 G5 Phab2 Phab2
Pro Plus
Z2, Z2 Pro
Xperia X
Performance
Xperia XZ Xperia X
Compact
SO-02J
All Rights Reserved | FIDO Alliance | Copyright 2017.
Arrows
NX
Arrows
Fit
Arrows
Tab
F-02HF-04HF-04G
F-01H
Aquos Zeta
SH-01HSH-03G SH-02J
FIDO Certified Mobile Devices
8. FIDO Applications on iOS
10
All Rights Reserved | FIDO Alliance | Copyright 2017
iPhone 5s iPhone 6, 6+
iPad Air 2, Mini 3
iPhone 6s, 6s+
iPad Mini 4 iPad Pro
Supported iOS Fingerprint Devices
10. All Rights Reserved | FIDO Alliance | Copyright 201612
Coming Soon to
Certification
11. New Program Launching Soon:
Authenticator Certification Levels
Why authenticator certification?
▸ Verify the protection of FIDO secret keys and user privacy
▸ UAF and U2F authenticators will be eligible
Two authenticator certification levels – L1 & L2
▸ Level 1 – basic security validation for protecting
secrets and privacy, performed by
FIDO Security Secretariat
▸ Level 2 – lab-based validation of protection
against at-scale attacks
▸ Other levels coming soon!
13
All Rights Reserved | FIDO Alliance | Copyright 2017
12. All Rights Reserved | FIDO Alliance | Copyright 201714
Level 1 Certification Process
Similar to existing Functional Certification:
▸ Pass test tools
▸ Submit Vendor Questionnaire to FIDO that provides answers about the
security and privacy of the implementation
▸ Perform a few additional tests at interop
▸ Submit for Level 1 Certification!
13. All Rights Reserved | FIDO Alliance | Copyright 201715
Level 2 Certification Process
Must pass Functional Validation, and also:
▸ Select FIDO Accredited Security Lab
▸ Submit Vendor Questionnaire to lab
▸ Work with lab to validate and / or correct design
▸ Lab submits report to FIDO
▸ Submit for Level 2 Certification!
14. All Rights Reserved | FIDO Alliance | Copyright 201716
Launch Plan
Launch!
Trial Period
Issue First
Batch of
Certifications
Sunset Period
May 30
Publish Program Policies,
Websites, Accredited Lab
List, and a Marketing
Announcement.May 30 - August 28
90 days to perform Security
Evaluations and answer Vendor
and Accredited Security
Laboratory questions.
August 28
Issue and Announce the
first batch of L1 and L2
Certifications.
November 30, 2018
18 month Sunset Period.
Functional Only is no longer
allowed for Authenticators,
baseline requirement is L1.
15. Biometric Certification
Why biometric certification?
▸ Services and users need to have faith in biometrics
▸ Also verifies the FIDO Privacy Principles
What gets biometric certified?
▸ Authenticators
▸ Any kind of biometric:
Fingerprint, voice, iris, palm, face
How to get biometric certified?
▸ Select an accredited lab
▸ Test biometric with live subjects to meet FAR / FRR
▸ Lab submits test report to FIDO
17
All Rights Reserved | FIDO Alliance | Copyright 2016
Face
Palm
Iris
Finger
16. FIDO 2.0 Certification
WebAuthn
▸ W3C browser-based authentication
▸ Browser and test tool development
underway now!
Client to Authenticator Protocol (CTAP)
▸ Based on U2F device transports
Universal Servers*
▸ Implement all features of FIDO:
UAF, U2F, WebAuthn
18
All Rights Reserved | FIDO Alliance | Copyright 2016
* Formerly refered to as “Gold Servers”
17. FIDO Alliance | All Rights Reserved | Copyright 201619
Getting Started
19. Why Get Certified?
Value of Certification
▸ Highest quality products
▸ Market interoperability
▸ Deployment ready
▸ Easily identifiable by buyers
Be a member:
▸ Discounts for members
▸ Early access to draft specifications
21
FIDO Alliance | All Rights Reserved | Copyright 2016
20. Deployments of FIDO Certified
How to reach relying parties:
▸ Remember to use your FIDO Certified logo!
▸ Tradeshows, websites, product briefs, etc.
▸ Being a member has its privileges
▸ Connect with RPs at plenaries, networking events, etc.
▸ Certification discounts
▸ Early access to specifications = first mover advantage
▸ Be aware of upcoming requirements for FIDO
▸ For example, NIST 800-63
22
FIDO Alliance | All Rights Reserved | Copyright 2016
Confidential
21. Getting Started
Register for Self-Conformance Test Tool Access :
https://fidoalliance.org/test-tool-access-request/
▸ For UAF, you will need to complete both automated and manual testing
▸ UAF Authenticators only will need a Vendor ID: http://fidoalliance.org/vendor-id-request/
Complete Self-Conformance Testing at least two weeks prior to
interoperability event.
Elect to Participate in Pre-Testing in the two weeks prior to the
interoperability event (recommended)
Register for the next interoperability event to be held in June :
https://fidoalliance.org/interop-registration/
Registration for June Interop closes on May 24
Next Interoperability Event Host: Synaptics (San Jose, CA)
June 7-8, 2017: UAF
June 8, 2017: U2F
23
FIDO Alliance | All Rights Reserved | Copyright 2016
22. Next Steps
Available to both members and non-members
Four steps to certification
24
All Rights Reserved | FIDO Alliance | Copyright 2016