SlideShare une entreprise Scribd logo

LINEのFIDO導入と将来展望

FIDO Alliance
FIDO Alliance

TOKYO Seminar 2018 LINE株式会社 セキュリティ室 マネジャー、FIDOアライアンス ボードメンバー / FIDO Japan WG副座長 市原 尚久

Logiciels
1  sur  33
Télécharger pour lire hors ligne
LINEのFIDO導入と将来展望 Naohisa Ichihara December 7th, 2018
Profile Image Naohisa Ichihara Security Department Security consulting for NFC, mobile enterprise app, FIDO projects since mid 2000s to 2014 Security consultant, manager since 2015 in LINE FIDO Alliance Board member since 2017 FIDO Alliance Japan Working Group, Vice Chair
3
4 1. LINE introduction Who we are?
LINEのスピードと成長 B2C Platform Payment Platform Creator’s Sticker Market BUSINESS CONNECT IoT Platform 1. Introduction Possibility as an IdP/Comm PF
LINEのスピードと成長 1. Introduction Character Brand Business Taxi Service Food Delivery Service MVNO Bridging btw Real & Digital
LINEのスピードと成長 1. Introduction AI Speakers Virtual Home Robot Brand-new Communication
LINEのスピードと成長 1. Introduction Virtual Currency e-Bank in Taiwan Blockchain Platform Fin-Tech
9 2. Possibility of FIDO Where and how we could apply FIDO in our service?
Authentication / Privacy related features Account Registration Back-Up Restore Application Unlock Chat History Backup / Export Account Migration Change Email or Password
Authentication / Privacy related features Account Registration Back-Up Restore Application Unlock Chat History Backup / Export Account Migration Change Email or Password FIDO not available ↑ “Account Recovery” issue FIDO not available ↑ Off-line UX Only in case of the same device Authentication itself as Optional Authentication itself as Optional
Federation Fin-Tech / Block chain IoT 3rd Party App (Web) Clova Desktop LINE app “LINE Things” LINE Pay “LINE Login”
Federation Fin-Tech / Block chain IoT 3rd Party App (Web) Clova Desktop LINE app “LINE Login” “LINE Things” LINE Pay
14 3. Use cases Analysis Introduce how we integrate FIDO and our feasible use cases
Possible use cases Web LINE mobile app LINE Desktop App 3rd Party Web/Mobile App 3rd Party IoT Mobile app LINE Pay LINE Pay App inside of LINE Clova LINE xxx LINE family app (normal) AI speaker Connected Car LINE xxxLINE Game LINE family app (critical) (1)Social Login (federation) (1) or (4) (3) Desktop App Login (2) Setting Confirmation (4)(4) Transaction Auth (5) IoT Control (1) + (5) (6) Hands-free IoT Control (6)
(0) FIDO registration Account Registration When login in mobile From setting Just before using FIDO access.line.me Register your Finger now?
1st factor authentication without email/pw 3rd party services can authenticate/authorize users secure and fast. (1) Social Login (“LINE Login” in Mobile webs) access.line. me
LINE Login can get high assurance level of user consent User confirmation check With single gesture, 3rd party native apps can provide easy account creation and authentication. LINE app (1) Social Login (“LINE Login” in Mobile native apps) access.line.me 3rd party app
With single gesture, 3rd party native apps can provide easy account creation and authentication. - Re-design for (1) login authentication screen and flow (2) anonymous auto-login? (3) FIDO-device MGT, .. (1) Social Login (“LINE Login” in Web apps)
When changing email, password or in case of backup, export or restore of chat history (2) Setting Confirmation LINE app access.line.me
(3-1) First login (currently, email + password -> QR code or PIN-code) (3-2) Re-login (currently, email + password) (3) Desktop App Login LINE app access.line.me LINE app (Desktop)
Transaction confirmation for payment (Step-up authentication) across web and app For high risk transaction, multi factor authentication is required (4) Transaction Authentication LINE Pay access.line.me
Add extra layer of security by leveraging secret keys (2nd factor authentication for login and withdrawal) (4) Transaction Authentication bitbox.mebitbox.me
Manage and control IoT devices with secure manner Users can control IoT devices with LINE app • Start the car engine • Turn on the air conditioner • Monitor and watch your house LINE Things (5) IoT Control access.line.me LINE app
Preserve user privacy (read private messages) and provide transaction confirmation (6) Hands-free IoT Control Make credit card payment! Okay, Alice Not allowed Read new messages!
Use cases and FIDO protocol Use cases Scenes FIDO (0) FIDO Registration Reg, Login, Setting, Just before usage UAF, U2F/FIDO2 (1) Social Login Mobile app UAF Mobile web UAF PC web U2F/FIDO2 (2) Setting Confirmation Email/PW change, Backup/Export chat history UAF (3) Desktop App Login Native desktop app, UAF (4) Transaction Authentication Payment, Transfer money, Invest, .. UAF, U2F/FIDO2 (5) IoT Control IoT with Mobile app UAF (6) Hands-free IoT Control ?
LINE integration architecture (to-be) Mobile web FIDO server LINE Pay LINE Login Native app Universal server Client platforms LINE LINE Wallet LINE Insurance LINE PFM LINE finance LINE Shopping LINE Gift LINE channels Desktop web Hybrid app Authenticators Platform services 2 FIDO2 Web apps & services ems USB/NFC/BLE devices Built-in chips Human gesture 2 On-premises apps Federation across services Credential sharing across platforms
28 4. Summary
UAF/U2F/FIDO2 (Universal) Web / Mobile / PC client Not only LINE Coverage Authentication platform for all our customers across countries
Harmonization of UAF and FIDO2 Account Recovery Integration as IdP Issues
2019 Deployment Timeline 2018 Certification 2020 All Services 2017 Board Member
for Connected World for Digital Identity (beyond authentication) Disruption Future of FIDO
LINEのFIDO導入と将来展望

Recommandé

FIDO UAF Specifications: Overview & Tutorial
FIDO UAF Specifications: Overview & Tutorial FIDO UAF Specifications: Overview & Tutorial
FIDO UAF Specifications: Overview & Tutorial
FIDO Alliance
 
2019 FIDO Tokyo Seminar - LINE PayへのFIDO2実装
2019 FIDO Tokyo Seminar - LINE PayへのFIDO2実装2019 FIDO Tokyo Seminar - LINE PayへのFIDO2実装
2019 FIDO Tokyo Seminar - LINE PayへのFIDO2実装
FIDO Alliance
 
FIDO기반 생체인식 인증기술_SK플래닛@tech세미나판교
FIDO기반 생체인식 인증기술_SK플래닛@tech세미나판교FIDO기반 생체인식 인증기술_SK플래닛@tech세미나판교
FIDO기반 생체인식 인증기술_SK플래닛@tech세미나판교
Lee Ji Eun
 
OpenID Connect: An Overview
OpenID Connect: An OverviewOpenID Connect: An Overview
OpenID Connect: An Overview
Pat Patterson
 
FIDO2 Specifications Overview
FIDO2 Specifications OverviewFIDO2 Specifications Overview
FIDO2 Specifications Overview
FIDO Alliance
 
FIDO Specifications Overview: UAF & U2F
FIDO Specifications Overview: UAF & U2FFIDO Specifications Overview: UAF & U2F
FIDO Specifications Overview: UAF & U2F
FIDO Alliance
 
FIDO Alliance: Welcome and FIDO Update.pptx
FIDO Alliance: Welcome and FIDO Update.pptxFIDO Alliance: Welcome and FIDO Update.pptx
FIDO Alliance: Welcome and FIDO Update.pptx
FIDO Alliance
 
Fido Technical Overview
Fido Technical OverviewFido Technical Overview
Fido Technical Overview
FIDO Alliance
 

Recommandé

FIDO UAF Specifications: Overview & Tutorial
FIDO UAF Specifications: Overview & Tutorial FIDO UAF Specifications: Overview & Tutorial
FIDO UAF Specifications: Overview & Tutorial
FIDO Alliance
 
2019 FIDO Tokyo Seminar - LINE PayへのFIDO2実装
2019 FIDO Tokyo Seminar - LINE PayへのFIDO2実装2019 FIDO Tokyo Seminar - LINE PayへのFIDO2実装
2019 FIDO Tokyo Seminar - LINE PayへのFIDO2実装
FIDO Alliance
 
FIDO기반 생체인식 인증기술_SK플래닛@tech세미나판교
FIDO기반 생체인식 인증기술_SK플래닛@tech세미나판교FIDO기반 생체인식 인증기술_SK플래닛@tech세미나판교
FIDO기반 생체인식 인증기술_SK플래닛@tech세미나판교
Lee Ji Eun
 
OpenID Connect: An Overview
OpenID Connect: An OverviewOpenID Connect: An Overview
OpenID Connect: An Overview
Pat Patterson
 
FIDO2 Specifications Overview
FIDO2 Specifications OverviewFIDO2 Specifications Overview
FIDO2 Specifications Overview
FIDO Alliance
 
FIDO Specifications Overview: UAF & U2F
FIDO Specifications Overview: UAF & U2FFIDO Specifications Overview: UAF & U2F
FIDO Specifications Overview: UAF & U2F
FIDO Alliance
 
FIDO Alliance: Welcome and FIDO Update.pptx
FIDO Alliance: Welcome and FIDO Update.pptxFIDO Alliance: Welcome and FIDO Update.pptx
FIDO Alliance: Welcome and FIDO Update.pptx
FIDO Alliance
 
Fido Technical Overview
Fido Technical OverviewFido Technical Overview
Fido Technical Overview
FIDO Alliance
 
FIDO Authentication: Unphishable MFA for All
FIDO Authentication: Unphishable MFA for AllFIDO Authentication: Unphishable MFA for All
FIDO Authentication: Unphishable MFA for All
FIDO Alliance
 
Web Authentication API
Web Authentication APIWeb Authentication API
Web Authentication API
FIDO Alliance
 
IBM: Hey FIDO, Meet Passkey!.pptx
IBM: Hey FIDO, Meet Passkey!.pptxIBM: Hey FIDO, Meet Passkey!.pptx
IBM: Hey FIDO, Meet Passkey!.pptx
FIDO Alliance
 
OpenID Connect Explained
OpenID Connect ExplainedOpenID Connect Explained
OpenID Connect Explained
Vladimir Dzhuvinov
 
認証の課題とID連携の実装 〜ハンズオン〜
認証の課題とID連携の実装 〜ハンズオン〜認証の課題とID連携の実装 〜ハンズオン〜
認証の課題とID連携の実装 〜ハンズオン〜
Masaru Kurahayashi
 
The Value of FIDO Certification
The Value of FIDO CertificationThe Value of FIDO Certification
The Value of FIDO Certification
FIDO Alliance
 
FIDOのキホン
FIDOのキホンFIDOのキホン
FIDOのキホン
Yahoo!デベロッパーネットワーク
 
FIDO認証によるパスワードレスログイン実装入門
FIDO認証によるパスワードレスログイン実装入門FIDO認証によるパスワードレスログイン実装入門
FIDO認証によるパスワードレスログイン実装入門
Yahoo!デベロッパーネットワーク
 
Google & FIDO Authentication
Google & FIDO AuthenticationGoogle & FIDO Authentication
Google & FIDO Authentication
FIDO Alliance
 
Identity Management for Your Users and Apps: A Deep Dive on Amazon Cognito - ...
Identity Management for Your Users and Apps: A Deep Dive on Amazon Cognito - ...Identity Management for Your Users and Apps: A Deep Dive on Amazon Cognito - ...
Identity Management for Your Users and Apps: A Deep Dive on Amazon Cognito - ...
Amazon Web Services
 
OAuth 2.0
OAuth 2.0OAuth 2.0
OAuth 2.0
Uwe Friedrichsen
 
Implementing WebAuthn & FAPI supports on Keycloak
Implementing WebAuthn & FAPI supports on KeycloakImplementing WebAuthn & FAPI supports on Keycloak
Implementing WebAuthn & FAPI supports on Keycloak
Yuichi Nakamura
 
FIDO & PSD2: Solving the Strong Customer Authentication Challenge in Europe
FIDO & PSD2: Solving the Strong Customer Authentication Challenge in EuropeFIDO & PSD2: Solving the Strong Customer Authentication Challenge in Europe
FIDO & PSD2: Solving the Strong Customer Authentication Challenge in Europe
FIDO Alliance
 
Introducing FIDO Device Onboard (FDO)
Introducing FIDO Device Onboard (FDO)Introducing FIDO Device Onboard (FDO)
Introducing FIDO Device Onboard (FDO)
FIDO Alliance
 
An Introduction to OAuth2
An Introduction to OAuth2An Introduction to OAuth2
An Introduction to OAuth2
Aaron Parecki
 
Fido認証概要説明
Fido認証概要説明Fido認証概要説明
Fido認証概要説明
FIDO Alliance
 
Introduction to FIDO: A New Model for Authentication
Introduction to FIDO: A New Model for AuthenticationIntroduction to FIDO: A New Model for Authentication
Introduction to FIDO: A New Model for Authentication
FIDO Alliance
 
New FIDO Specifications Overview -FIDO Alliance -Tokyo Seminar -Nadalin
New FIDO Specifications Overview -FIDO Alliance -Tokyo Seminar -NadalinNew FIDO Specifications Overview -FIDO Alliance -Tokyo Seminar -Nadalin
New FIDO Specifications Overview -FIDO Alliance -Tokyo Seminar -Nadalin
FIDO Alliance
 
なぜOpenID Connectが必要となったのか、その歴史的背景
なぜOpenID Connectが必要となったのか、その歴史的背景なぜOpenID Connectが必要となったのか、その歴史的背景
なぜOpenID Connectが必要となったのか、その歴史的背景
Tatsuo Kudo
 
Securing a Web App with Passwordless Web Authentication
Securing a Web App with Passwordless Web AuthenticationSecuring a Web App with Passwordless Web Authentication
Securing a Web App with Passwordless Web Authentication
FIDO Alliance
 
Expected Use Cases of FIDO Authentication for Social Applications
Expected Use Cases of FIDO Authentication for Social ApplicationsExpected Use Cases of FIDO Authentication for Social Applications
Expected Use Cases of FIDO Authentication for Social Applications
FIDO Alliance
 
Expected Use Cases of FIDO Authentication in Social Apps
Expected Use Cases of FIDO Authentication in Social AppsExpected Use Cases of FIDO Authentication in Social Apps
Expected Use Cases of FIDO Authentication in Social Apps
FIDO Alliance
 

Contenu connexe

Tendances

認証の課題とID連携の実装 〜ハンズオン〜
認証の課題とID連携の実装 〜ハンズオン〜認証の課題とID連携の実装 〜ハンズオン〜
認証の課題とID連携の実装 〜ハンズオン〜
Masaru Kurahayashi
 

Tendances (20)

FIDO Authentication: Unphishable MFA for All
FIDO Authentication: Unphishable MFA for AllFIDO Authentication: Unphishable MFA for All
FIDO Authentication: Unphishable MFA for All
 
Web Authentication API
Web Authentication APIWeb Authentication API
Web Authentication API
 
IBM: Hey FIDO, Meet Passkey!.pptx
IBM: Hey FIDO, Meet Passkey!.pptxIBM: Hey FIDO, Meet Passkey!.pptx
IBM: Hey FIDO, Meet Passkey!.pptx
 
OpenID Connect Explained
OpenID Connect ExplainedOpenID Connect Explained
OpenID Connect Explained
 
認証の課題とID連携の実装 〜ハンズオン〜
認証の課題とID連携の実装 〜ハンズオン〜認証の課題とID連携の実装 〜ハンズオン〜
認証の課題とID連携の実装 〜ハンズオン〜
 
The Value of FIDO Certification
The Value of FIDO CertificationThe Value of FIDO Certification
The Value of FIDO Certification
 
FIDOのキホン
FIDOのキホンFIDOのキホン
FIDOのキホン
 
FIDO認証によるパスワードレスログイン実装入門
FIDO認証によるパスワードレスログイン実装入門FIDO認証によるパスワードレスログイン実装入門
FIDO認証によるパスワードレスログイン実装入門
 
Google & FIDO Authentication
Google & FIDO AuthenticationGoogle & FIDO Authentication
Google & FIDO Authentication
 
Identity Management for Your Users and Apps: A Deep Dive on Amazon Cognito - ...
Identity Management for Your Users and Apps: A Deep Dive on Amazon Cognito - ...Identity Management for Your Users and Apps: A Deep Dive on Amazon Cognito - ...
Identity Management for Your Users and Apps: A Deep Dive on Amazon Cognito - ...
 
OAuth 2.0
OAuth 2.0OAuth 2.0
OAuth 2.0
 
Implementing WebAuthn & FAPI supports on Keycloak
Implementing WebAuthn & FAPI supports on KeycloakImplementing WebAuthn & FAPI supports on Keycloak
Implementing WebAuthn & FAPI supports on Keycloak
 
FIDO & PSD2: Solving the Strong Customer Authentication Challenge in Europe
FIDO & PSD2: Solving the Strong Customer Authentication Challenge in EuropeFIDO & PSD2: Solving the Strong Customer Authentication Challenge in Europe
FIDO & PSD2: Solving the Strong Customer Authentication Challenge in Europe
 
Introducing FIDO Device Onboard (FDO)
Introducing FIDO Device Onboard (FDO)Introducing FIDO Device Onboard (FDO)
Introducing FIDO Device Onboard (FDO)
 
An Introduction to OAuth2
An Introduction to OAuth2An Introduction to OAuth2
An Introduction to OAuth2
 
Fido認証概要説明
Fido認証概要説明Fido認証概要説明
Fido認証概要説明
 
Introduction to FIDO: A New Model for Authentication
Introduction to FIDO: A New Model for AuthenticationIntroduction to FIDO: A New Model for Authentication
Introduction to FIDO: A New Model for Authentication
 
New FIDO Specifications Overview -FIDO Alliance -Tokyo Seminar -Nadalin
New FIDO Specifications Overview -FIDO Alliance -Tokyo Seminar -NadalinNew FIDO Specifications Overview -FIDO Alliance -Tokyo Seminar -Nadalin
New FIDO Specifications Overview -FIDO Alliance -Tokyo Seminar -Nadalin
 
なぜOpenID Connectが必要となったのか、その歴史的背景
なぜOpenID Connectが必要となったのか、その歴史的背景なぜOpenID Connectが必要となったのか、その歴史的背景
なぜOpenID Connectが必要となったのか、その歴史的背景
 
Securing a Web App with Passwordless Web Authentication
Securing a Web App with Passwordless Web AuthenticationSecuring a Web App with Passwordless Web Authentication
Securing a Web App with Passwordless Web Authentication
 

Similaire à LINEのFIDO導入と将来展望

Similaire à LINEのFIDO導入と将来展望 (20)

Expected Use Cases of FIDO Authentication for Social Applications
Expected Use Cases of FIDO Authentication for Social ApplicationsExpected Use Cases of FIDO Authentication for Social Applications
Expected Use Cases of FIDO Authentication for Social Applications
 
Expected Use Cases of FIDO Authentication in Social Apps
Expected Use Cases of FIDO Authentication in Social AppsExpected Use Cases of FIDO Authentication in Social Apps
Expected Use Cases of FIDO Authentication in Social Apps
 
A First Step to a World without Passwords
A First Step to a World without PasswordsA First Step to a World without Passwords
A First Step to a World without Passwords
 
FIDO Authentication in Korea: Early Adoption & Rapid Innovation
FIDO Authentication in Korea: Early Adoption & Rapid InnovationFIDO Authentication in Korea: Early Adoption & Rapid Innovation
FIDO Authentication in Korea: Early Adoption & Rapid Innovation
 
FIDO and Mobile Connect
FIDO and Mobile ConnectFIDO and Mobile Connect
FIDO and Mobile Connect
 
11st FIDO Deployment Case Study
11st FIDO Deployment Case Study11st FIDO Deployment Case Study
11st FIDO Deployment Case Study
 
CIS14: FIDO 101 (What, Why and Wherefore of FIDO)
CIS14: FIDO 101 (What, Why and Wherefore of FIDO)CIS14: FIDO 101 (What, Why and Wherefore of FIDO)
CIS14: FIDO 101 (What, Why and Wherefore of FIDO)
 
Passwordless Mobile Banking.pdf
Passwordless Mobile Banking.pdfPasswordless Mobile Banking.pdf
Passwordless Mobile Banking.pdf
 
FIDO Authentication Technical Overview
FIDO Authentication Technical OverviewFIDO Authentication Technical Overview
FIDO Authentication Technical Overview
 
FIDO Authentication Technical Overview
FIDO Authentication Technical OverviewFIDO Authentication Technical Overview
FIDO Authentication Technical Overview
 
Technical Principles of FIDO Authentication
Technical Principles of FIDO AuthenticationTechnical Principles of FIDO Authentication
Technical Principles of FIDO Authentication
 
Webinar: Catch Up with FIDO Plus AMA Session
Webinar: Catch Up with FIDO Plus AMA SessionWebinar: Catch Up with FIDO Plus AMA Session
Webinar: Catch Up with FIDO Plus AMA Session
 
FIDO Alliance Webinar: Catch Up WIth FIDO
FIDO Alliance Webinar: Catch Up WIth FIDOFIDO Alliance Webinar: Catch Up WIth FIDO
FIDO Alliance Webinar: Catch Up WIth FIDO
 
KICA Case Study: Bio-Authentication and PKI Trends in Korea -FIDO Alliance -T...
KICA Case Study: Bio-Authentication and PKI Trends in Korea -FIDO Alliance -T...KICA Case Study: Bio-Authentication and PKI Trends in Korea -FIDO Alliance -T...
KICA Case Study: Bio-Authentication and PKI Trends in Korea -FIDO Alliance -T...
 
FIDO & GSMA Mobile Connect
FIDO & GSMA Mobile ConnectFIDO & GSMA Mobile Connect
FIDO & GSMA Mobile Connect
 
CIS14: An Overview of FIDO's Universal Factor (UAF) Specifications
CIS14: An Overview of FIDO's Universal Factor (UAF) SpecificationsCIS14: An Overview of FIDO's Universal Factor (UAF) Specifications
CIS14: An Overview of FIDO's Universal Factor (UAF) Specifications
 
FIDO’s fit for Key Industries in Korea
FIDO’s fit for Key Industries in Korea FIDO’s fit for Key Industries in Korea
FIDO’s fit for Key Industries in Korea
 
FIDO, Federation and the Internet of Things
FIDO, Federation and the Internet of Things FIDO, Federation and the Internet of Things
FIDO, Federation and the Internet of Things
 
IoT Tsunami is Here
IoT Tsunami is HereIoT Tsunami is Here
IoT Tsunami is Here
 
Bio-Authentication (FIDO) and PKI Trends in Korea
Bio-Authentication (FIDO) and PKI Trends in KoreaBio-Authentication (FIDO) and PKI Trends in Korea
Bio-Authentication (FIDO) and PKI Trends in Korea
 

Plus de FIDO Alliance

Consumer Attitudes Toward Strong Authentication & LoginWithFIDO.com
Consumer Attitudes Toward Strong Authentication & LoginWithFIDO.comConsumer Attitudes Toward Strong Authentication & LoginWithFIDO.com
Consumer Attitudes Toward Strong Authentication & LoginWithFIDO.com
FIDO Alliance
 
Introduction to FIDO and eIDAS Services
Introduction to FIDO and eIDAS ServicesIntroduction to FIDO and eIDAS Services
Introduction to FIDO and eIDAS Services
FIDO Alliance
 
Webinar: Securing IoT with FIDO Authentication
Webinar: Securing IoT with FIDO AuthenticationWebinar: Securing IoT with FIDO Authentication
Webinar: Securing IoT with FIDO Authentication
FIDO Alliance
 
2020 0218 - パスワードのいらない世界へ:FIDOアライアンスとFIDO認証の最新状況
2020 0218 - パスワードのいらない世界へ:FIDOアライアンスとFIDO認証の最新状況2020 0218 - パスワードのいらない世界へ:FIDOアライアンスとFIDO認証の最新状況
2020 0218 - パスワードのいらない世界へ:FIDOアライアンスとFIDO認証の最新状況
FIDO Alliance
 

Plus de FIDO Alliance (20)

OTIS: Our Journey to Passwordless.pptx
OTIS: Our Journey to Passwordless.pptxOTIS: Our Journey to Passwordless.pptx
OTIS: Our Journey to Passwordless.pptx
 
FIDO Workshop-Demo Breakdown.pptx
FIDO Workshop-Demo Breakdown.pptxFIDO Workshop-Demo Breakdown.pptx
FIDO Workshop-Demo Breakdown.pptx
 
CISA: #MoreThanAPassword.pptx
CISA: #MoreThanAPassword.pptxCISA: #MoreThanAPassword.pptx
CISA: #MoreThanAPassword.pptx
 
Consumer Attitudes Toward Strong Authentication & LoginWithFIDO.com
Consumer Attitudes Toward Strong Authentication & LoginWithFIDO.comConsumer Attitudes Toward Strong Authentication & LoginWithFIDO.com
Consumer Attitudes Toward Strong Authentication & LoginWithFIDO.com
 
新しい認証技術FIDOの最新動向
新しい認証技術FIDOの最新動向新しい認証技術FIDOの最新動向
新しい認証技術FIDOの最新動向
 
日立PBI技術を用いた「デバイスフリーリモートワーク」構想
日立PBI技術を用いた「デバイスフリーリモートワーク」構想日立PBI技術を用いた「デバイスフリーリモートワーク」構想
日立PBI技術を用いた「デバイスフリーリモートワーク」構想
 
Introduction to FIDO and eIDAS Services
Introduction to FIDO and eIDAS ServicesIntroduction to FIDO and eIDAS Services
Introduction to FIDO and eIDAS Services
 
富士通の生体認証ソリューションと提案
富士通の生体認証ソリューションと提案富士通の生体認証ソリューションと提案
富士通の生体認証ソリューションと提案
 
テレワーク本格導入におけるID認証考察
テレワーク本格導入におけるID認証考察テレワーク本格導入におけるID認証考察
テレワーク本格導入におけるID認証考察
 
「開けゴマ!」からYubiKeyへ
「開けゴマ!」からYubiKeyへ「開けゴマ!」からYubiKeyへ
「開けゴマ!」からYubiKeyへ
 
YubiOnが目指す未来
YubiOnが目指す未来YubiOnが目指す未来
YubiOnが目指す未来
 
FIDO2導入してみたを考えてみた
FIDO2導入してみたを考えてみたFIDO2導入してみたを考えてみた
FIDO2導入してみたを考えてみた
 
中小企業によるFIDO導入事例
中小企業によるFIDO導入事例中小企業によるFIDO導入事例
中小企業によるFIDO導入事例
 
VPNはもう卒業!FIDO2認証で次世代リモートアクセス
VPNはもう卒業!FIDO2認証で次世代リモートアクセスVPNはもう卒業!FIDO2認証で次世代リモートアクセス
VPNはもう卒業!FIDO2認証で次世代リモートアクセス
 
CloudGate UNOで安全便利なパスワードレスリモートワーク
CloudGate UNOで安全便利なパスワードレスリモートワークCloudGate UNOで安全便利なパスワードレスリモートワーク
CloudGate UNOで安全便利なパスワードレスリモートワーク
 
数々の実績:迅速なFIDO認証の展開をサポート
数々の実績:迅速なFIDO認証の展開をサポート数々の実績:迅速なFIDO認証の展開をサポート
数々の実績:迅速なFIDO認証の展開をサポート
 
FIDO Alliance Research: Consumer Attitudes Towards Authentication
FIDO Alliance Research: Consumer Attitudes Towards AuthenticationFIDO Alliance Research: Consumer Attitudes Towards Authentication
FIDO Alliance Research: Consumer Attitudes Towards Authentication
 
Webinar: Securing IoT with FIDO Authentication
Webinar: Securing IoT with FIDO AuthenticationWebinar: Securing IoT with FIDO Authentication
Webinar: Securing IoT with FIDO Authentication
 
20200303 ISR プライベートセミナー:パスワードのいらない世界へ
20200303 ISR プライベートセミナー:パスワードのいらない世界へ20200303 ISR プライベートセミナー:パスワードのいらない世界へ
20200303 ISR プライベートセミナー:パスワードのいらない世界へ
 
2020 0218 - パスワードのいらない世界へ:FIDOアライアンスとFIDO認証の最新状況
2020 0218 - パスワードのいらない世界へ:FIDOアライアンスとFIDO認証の最新状況2020 0218 - パスワードのいらない世界へ:FIDOアライアンスとFIDO認証の最新状況
2020 0218 - パスワードのいらない世界へ:FIDOアライアンスとFIDO認証の最新状況
 

Dernier

AI & Machine Learning Presentation Template
AI & Machine Learning Presentation TemplateAI & Machine Learning Presentation Template
AI & Machine Learning Presentation Template
Presentation.STUDIO
 
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
Health
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
panagenda
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Alberto González Trastoy
 
How to Choose the Right Laravel Development Partner in New York City_compress...
How to Choose the Right Laravel Development Partner in New York City_compress...How to Choose the Right Laravel Development Partner in New York City_compress...
How to Choose the Right Laravel Development Partner in New York City_compress...
software pro Development
 
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdfintroduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
VishalKumarJha10
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Steffen Staab
 

Dernier (20)

How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.js
 
AI & Machine Learning Presentation Template
AI & Machine Learning Presentation TemplateAI & Machine Learning Presentation Template
AI & Machine Learning Presentation Template
 
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docx
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial Goals
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview Questions
 
How to Choose the Right Laravel Development Partner in New York City_compress...
How to Choose the Right Laravel Development Partner in New York City_compress...How to Choose the Right Laravel Development Partner in New York City_compress...
How to Choose the Right Laravel Development Partner in New York City_compress...
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
 
Microsoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdfMicrosoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdf
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
 
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdfintroduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
 
10 Trends Likely to Shape Enterprise Technology in 2024
10 Trends Likely to Shape Enterprise Technology in 202410 Trends Likely to Shape Enterprise Technology in 2024
10 Trends Likely to Shape Enterprise Technology in 2024
 
Define the academic and professional writing..pdf
Define the academic and professional writing..pdfDefine the academic and professional writing..pdf
Define the academic and professional writing..pdf
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
 
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension AidDirect Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
 

LINEのFIDO導入と将来展望

  • 2. Profile Image Naohisa Ichihara Security Department Security consulting for NFC, mobile enterprise app, FIDO projects since mid 2000s to 2014 Security consultant, manager since 2015 in LINE FIDO Alliance Board member since 2017 FIDO Alliance Japan Working Group, Vice Chair
  • 3. 3
  • 5. LINEのスピードと成長 B2C Platform Payment Platform Creator’s Sticker Market BUSINESS CONNECT IoT Platform 1. Introduction Possibility as an IdP/Comm PF
  • 6. LINEのスピードと成長 1. Introduction Character Brand Business Taxi Service Food Delivery Service MVNO Bridging btw Real & Digital
  • 7. LINEのスピードと成長 1. Introduction AI Speakers Virtual Home Robot Brand-new Communication
  • 9. 9 2. Possibility of FIDO Where and how we could apply FIDO in our service?
  • 10. Authentication / Privacy related features Account Registration Back-Up Restore Application Unlock Chat History Backup / Export Account Migration Change Email or Password
  • 11. Authentication / Privacy related features Account Registration Back-Up Restore Application Unlock Chat History Backup / Export Account Migration Change Email or Password FIDO not available ↑ “Account Recovery” issue FIDO not available ↑ Off-line UX Only in case of the same device Authentication itself as Optional Authentication itself as Optional
  • 12. Federation Fin-Tech / Block chain IoT 3rd Party App (Web) Clova Desktop LINE app “LINE Things” LINE Pay “LINE Login”
  • 13. Federation Fin-Tech / Block chain IoT 3rd Party App (Web) Clova Desktop LINE app “LINE Login” “LINE Things” LINE Pay
  • 14. 14 3. Use cases Analysis Introduce how we integrate FIDO and our feasible use cases
  • 15. Possible use cases Web LINE mobile app LINE Desktop App 3rd Party Web/Mobile App 3rd Party IoT Mobile app LINE Pay LINE Pay App inside of LINE Clova LINE xxx LINE family app (normal) AI speaker Connected Car LINE xxxLINE Game LINE family app (critical) (1)Social Login (federation) (1) or (4) (3) Desktop App Login (2) Setting Confirmation (4)(4) Transaction Auth (5) IoT Control (1) + (5) (6) Hands-free IoT Control (6)
  • 16. (0) FIDO registration Account Registration When login in mobile From setting Just before using FIDO access.line.me Register your Finger now?
  • 17. 1st factor authentication without email/pw 3rd party services can authenticate/authorize users secure and fast. (1) Social Login (“LINE Login” in Mobile webs) access.line. me
  • 18. LINE Login can get high assurance level of user consent User confirmation check With single gesture, 3rd party native apps can provide easy account creation and authentication. LINE app (1) Social Login (“LINE Login” in Mobile native apps) access.line.me 3rd party app
  • 19. With single gesture, 3rd party native apps can provide easy account creation and authentication. - Re-design for (1) login authentication screen and flow (2) anonymous auto-login? (3) FIDO-device MGT, .. (1) Social Login (“LINE Login” in Web apps)
  • 20. When changing email, password or in case of backup, export or restore of chat history (2) Setting Confirmation LINE app access.line.me
  • 21. (3-1) First login (currently, email + password -> QR code or PIN-code) (3-2) Re-login (currently, email + password) (3) Desktop App Login LINE app access.line.me LINE app (Desktop)
  • 22. Transaction confirmation for payment (Step-up authentication) across web and app For high risk transaction, multi factor authentication is required (4) Transaction Authentication LINE Pay access.line.me
  • 23. Add extra layer of security by leveraging secret keys (2nd factor authentication for login and withdrawal) (4) Transaction Authentication bitbox.mebitbox.me
  • 24. Manage and control IoT devices with secure manner Users can control IoT devices with LINE app • Start the car engine • Turn on the air conditioner • Monitor and watch your house LINE Things (5) IoT Control access.line.me LINE app
  • 25. Preserve user privacy (read private messages) and provide transaction confirmation (6) Hands-free IoT Control Make credit card payment! Okay, Alice Not allowed Read new messages!
  • 26. Use cases and FIDO protocol Use cases Scenes FIDO (0) FIDO Registration Reg, Login, Setting, Just before usage UAF, U2F/FIDO2 (1) Social Login Mobile app UAF Mobile web UAF PC web U2F/FIDO2 (2) Setting Confirmation Email/PW change, Backup/Export chat history UAF (3) Desktop App Login Native desktop app, UAF (4) Transaction Authentication Payment, Transfer money, Invest, .. UAF, U2F/FIDO2 (5) IoT Control IoT with Mobile app UAF (6) Hands-free IoT Control ?
  • 27. LINE integration architecture (to-be) Mobile web FIDO server LINE Pay LINE Login Native app Universal server Client platforms LINE LINE Wallet LINE Insurance LINE PFM LINE finance LINE Shopping LINE Gift LINE channels Desktop web Hybrid app Authenticators Platform services 2 FIDO2 Web apps & services ems USB/NFC/BLE devices Built-in chips Human gesture 2 On-premises apps Federation across services Credential sharing across platforms
  • 29. UAF/U2F/FIDO2 (Universal) Web / Mobile / PC client Not only LINE Coverage Authentication platform for all our customers across countries
  • 30. Harmonization of UAF and FIDO2 Account Recovery Integration as IdP Issues
  • 32. for Connected World for Digital Identity (beyond authentication) Disruption Future of FIDO