STRONG AUTHENTICATION TRENDS IN GOVERNMENT
All Rights Reserved. FIDO Alliance. Copyright 2017.
Featuring
• Brett McDowell, Executive Director, FIDO Alliance
• Jeremy Grant, Managing Director, The Chertoff Group
• Adam Cooper, Technical Architect, Identity Assurance, UK Government Digital Service
• Elaine Newton, Standards Lead for Applied Cybersecurity, National Institute of Standards and Technology (NIST)
• FIDO Alliance Overview, Brett McDowell
• Strong Authentication Trends in Government, Jeremy Grant
• Safer, Faster, Simpler: A UK Perspective, Adam Cooper
• Developments in Biometric Guidance, Elaine Newton
• Q & A
Formed in 2012 to Solve the Password Problem
• 63% of data breaches in 2015 involved weak, default, or stolen passwords (Verizon Data Breach Report)
• 1,093 data breaches in the US in 2016, up ~40% from 2015 (Identity Theft Resource Center)
• Each data breach costs $3.8 million on average, up 23% from 2013 (Ponemon Institute)
The FIDO Alliance is an open industry association of over 250 organizations with a focused mission: authentication standards
FIDO Alliance Mission
1. Develop Specifications
2. Operate Adoption Programs
3. Pursue Formal Standardization
Mission: define an open, scalable, interoperable set of mechanisms that supplant reliance on passwords to authenticate users of online services
Board Members
HOW “Shared Secrets” WORK ONLINE
The user authenticates themselves online by presenting a human-readable “shared secret”
HOW FIDO WORKS
LOCAL: The user authenticates “locally” to their device, the authenticator (by various means)
ONLINE: The device authenticates the user online using public key cryptography
OPEN STANDARDS R.O.I.
• FIDO-ENABLE ONCE
• GAIN EVERY DEVICE YOU TRUST
• NO MORE ONE-OFF INTEGRATIONS
USABILITY, SECURITY, R.O.I. and PRIVACY
No 3rd Party in the Protocol
No Secrets on the Server Side
Biometric Data (if used) Never Leaves Device
No (*new*) Link-ability Between Services
No (*new*) Link-ability Between Accounts
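The two slides above (local user verification on the device, then online authentication by public key; no secrets on the server and no new linkability between services) as a runnable simulation. This is an added example written for this page, not code from any FIDO specification or implementation: the names bank.example, shop.example and alice are constructed, the signed message layout is a simplification of FIDO's signed authenticator data, and Ed25519 stands in for whatever algorithm a real authenticator negotiates.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Authenticator models the user's device: one private key per relying party
// (RP). Assumption for this example: keys sit in a map; a real authenticator
// keeps them in isolated hardware (TEE, SE, TPM) and signs only after the
// local user-verification step (PIN, fingerprint, ...) has passed.
type Authenticator struct{ keys map[string]ed25519.PrivateKey }

// Register mints a fresh key pair for rpID and returns only the public half;
// the private key never leaves the authenticator.
func (a *Authenticator) Register(rpID string) ed25519.PublicKey {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err) // entropy failure is not recoverable here
	}
	a.keys[rpID] = priv
	return pub
}

// Sign answers a challenge with the key registered for rpID, or returns nil
// if there is none. The RP ID is bound into the signed bytes, so an assertion
// made for one service is useless at another.
func (a *Authenticator) Sign(rpID string, challenge []byte) []byte {
	priv, ok := a.keys[rpID]
	if !ok {
		return nil
	}
	return ed25519.Sign(priv, toBeSigned(rpID, challenge))
}

// toBeSigned is a simplified stand-in for FIDO's signed authenticator data.
func toBeSigned(rpID string, challenge []byte) []byte {
	return append([]byte(rpID+"\x00"), challenge...)
}

// RelyingParty is the server. It holds public keys and outstanding challenges
// only: a database dump yields nothing an attacker can log in with.
type RelyingParty struct {
	ID      string
	creds   map[string]ed25519.PublicKey // user -> enrolled public key
	pending map[string][]byte            // user -> unconsumed challenge
}

func newRP(id string) *RelyingParty {
	return &RelyingParty{ID: id, creds: map[string]ed25519.PublicKey{}, pending: map[string][]byte{}}
}

// Challenge issues a fresh 32-byte nonce; only the latest one is accepted.
func (rp *RelyingParty) Challenge(user string) []byte {
	c := make([]byte, 32)
	if _, err := rand.Read(c); err != nil {
		panic(err)
	}
	rp.pending[user] = c
	return c
}

// Verify accepts an assertion only for the challenge currently outstanding
// for this user, under the enrolled public key. The challenge is consumed
// before the signature check, so a replayed assertion always fails.
func (rp *RelyingParty) Verify(user string, challenge, sig []byte) bool {
	pub, enrolled := rp.creds[user]
	want, outstanding := rp.pending[user]
	if !enrolled || !outstanding || !bytes.Equal(challenge, want) {
		return false
	}
	delete(rp.pending, user)
	return ed25519.Verify(pub, toBeSigned(rp.ID, challenge), sig)
}

// RunScenario enrols one authenticator at two RPs (constructed sample names)
// and reports: genuine login ok, replay ok, cross-RP assertion ok, and whether
// the RPs could link the user by comparing the public keys they hold.
func RunScenario() (loginOK, replayOK, crossRPOK, linkable bool) {
	auth := &Authenticator{keys: map[string]ed25519.PrivateKey{}}
	bank, shop := newRP("bank.example"), newRP("shop.example")
	for _, rp := range []*RelyingParty{bank, shop} {
		rp.creds["alice"] = auth.Register(rp.ID) // server stores the public key only
	}
	c := bank.Challenge("alice")
	sig := auth.Sign(bank.ID, c)
	loginOK = bank.Verify("alice", c, sig)
	replayOK = bank.Verify("alice", c, sig) // same assertion again: challenge is gone
	c2 := bank.Challenge("alice")
	crossRPOK = bank.Verify("alice", c2, auth.Sign(shop.ID, c2)) // shop's key and RP ID
	linkable = bytes.Equal(bank.creds["alice"], shop.creds["alice"])
	return
}

func main() {
	l, r, x, k := RunScenario()
	fmt.Printf("login=%v replay=%v crossRP=%v linkable=%v\n", l, r, x, k)
}
```

The first result is true and the other three are false: the server never holds anything that could be replayed or phished onto another site, and the two services see unrelated public keys.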
FIDO Authentication: Adoption & Ecosystem
Global Leaders Deploy FIDO Standards
Certification Growth
• An open competitive market
• Ensures interoperability
• Sign of mature FIDO ecosystem
250+ FIDO® Certified products available today
[Chart: total FIDO Certified products over time, Apr-15, Jul-15, Sep-15, Dec-15, Mar-16, May-16, Aug-16, Jan-17; plotted totals in order: 32, 62, 74, 108, 162, 216, 253, 304]
FIDO Certified – Jan ’17
The Road Ahead
• W3C Web Authentication Specification
• Standards Effort with EMVCo
• Client-to-Authenticator Protocol (CTAP)
• FIDO Universal Server + New Certification Programs
STRONG AUTHENTICATION TRENDS IN GOVERNMENT
Jeremy Grant, Managing Director, The Chertoff Group
Authentication is Important to Government
1. Protects access to government assets
2. Enables more high-value citizen-facing services
3. Empowers private sector to provide a wider range of high value services to consumers
4. Secures critical assets and infrastructure
5. Promotes good security practices in the private sector
Governments seek identity solutions that can deliver not just improved Security – but also Privacy, Interoperability, and better Customer Experiences
FIDO Is Impacting How Governments Think About Authentication
• Enables support for “BYOC” (Bring Your Own Credential)
• Take advantage of the growing ecosystem of FIDO solutions and standards
• No requirement to issue a separate token or app for MFA
• No need to create passwords for digital government services
• Better Security, Privacy + Interoperability
• Better Customer Experiences – simpler and safer
• Reduced Cost for the Government Enterprise
FIDO Is Impacting How Governments Think About Authentication
U.S. Commission on Enhancing National Cybersecurity
• Bipartisan commission established by the White House in April – charged with crafting recommendations for the next President
• Major focus on Authentication
U.S. Commission on Enhancing National Cybersecurity
Focus on non-PIV solutions for USG Authentication
“The next Administration should provide agencies with updated policies and guidance that continue to focus on increased adoption of strong authentication solutions, including but, importantly, not limited to personal identity verification (PIV) credentials.
“To ensure adoption of strong, secure authentication by federal agencies, the requirements should be made performance based (i.e., strong) so they include other (i.e., non-PIV) forms of authentication, and should mandate 100 percent adoption within a year.”
U.S. Commission on Enhancing National Cybersecurity
“Other important work that must be undertaken to overcome identity authentication challenges includes the development of open-source standards and specifications like those developed by the Fast IDentity Online (FIDO) Alliance. FIDO specifications are focused largely on the mobile smartphone platform to deliver multifactor authentication to the masses, all based on industry standard public key cryptography.
Windows 10 has deployed FIDO specifications (known as Windows Hello), and numerous financial institutions have adopted FIDO for consumer banking. Today, organizations complying with FIDO specifications are able to deliver secure authentication technology on a wide range of devices, including mobile phones, USB keys, and near-field communications (NFC) and Bluetooth low energy (BLE) devices and wearables.
This work, other standards activities, and new tools that support continuous authentication provide a strong foundation for opt-in identity management for the digital infrastructure.”
FIDO Is Impacting How Governments Think About Authentication
Priorities:
• Ensuring that future online products and services coming into use are “secure by default”
• Empowering consumers to “choose products and services that have built-in security as a default setting.”
“[We will] invest in technologies like Trusted Platform Modules (TPM) and emerging industry standards such as Fast IDentity Online (FIDO), which do not rely on passwords for user authentication, but use the machine and other devices in the user’s possession to authenticate. The Government will test innovative authentication mechanisms to demonstrate what they can offer, both in terms of security and overall user experience.”
A Note on Policy
FIDO specifications offer governments newer, better options for strong authentication – but governments may need to update some policies to support the ways in which FIDO is different.
As technology evolves, policy needs to evolve with it.
1. Multi-factor authentication no longer brings higher burdens or costs
• While this statement was true of most “old” MFA technology, FIDO specifically addresses these cost and usability issues.
• FIDO enables simpler, stronger authentication capabilities that governments, businesses and consumers can easily adopt at scale.
2. Technology is now mature enough to enable two secure, distinct AuthN factors in a single device
European Banking Authority (EBA): Draft Regulatory Technical Standards on PSD2 Strong Authentication
2. Technology is now mature enough to enable two secure, distinct AuthN factors in a single device
• Recognized by the US government (NIST) in 2014…
• “OMB (White House) to update guidance on remote electronic authentication” to remove requirements that one factor be separate from the device accessing the resource
• The evolution of mobile devices – in particular, hardware architectures that offer highly robust and isolated execution environments (such as TEE, SE and TPM) – has allowed these devices to achieve high-grade security without the need for a physically distinct token
2. Technology is now mature enough to enable two secure, distinct AuthN factors in a single device
• Reflected in new NIST Draft Digital Identity Guidelines (SP 800-63B)
3. Local-match biometrics has matured and is an important authentication factor
• New guidance from Taiwan’s Financial Supervisory Commission (FSC)
• Previous guidance forbade local biometric match as an authentication factor; new guidance allows it, as part of a FIDO solution
FIDO Delivers on Key Government Priorities
Security
• Authentication using strong asymmetric Public Key cryptography
• Superior to old “shared secrets” model – there is nothing to steal on the server
• Biometrics as second factor
Privacy
• Privacy architected in up front; no linkability or tracking
• Designed to support Privacy Principles of the European Data Protection Directive
• Biometric data never leaves device
• Consumer control and consent
Interoperability
• Open standards: FIDO 2.0 specs are in W3C standardization process
• FIDO compliance/conformance testing to ensure interoperability of “FIDO certified” products
Usability
• Designed with the user experience (UX) first – with a goal of making authentication as easy as possible.
• Security built to support the user’s needs, not the other way around
SAFER, FASTER, SIMPLER: A UK PERSPECTIVE
Adam Cooper, Technical Architect, Identity Assurance, UK Government Digital Service
GDS | GOV.UK Verify
GOV.UK Verify is the new way to prove who you are online.
A certified company verifies you on behalf of government
There are a range of high quality companies certified to verify identity for GOV.UK Verify
Adopting outcome based standards has led to innovation, choice and opportunity.
We publish them on GOV.UK…
https://www.gov.uk/government/collections/identity-assurance-enabling-trusted-transactions
eIDAS Regulation – promoting the use of national eID internationally
Regulation (EU) N°910/2014 on electronic identification and trust services for electronic transactions in the internal market (aka eIDAS).
• Mutual acceptance of eID cross-border
• Interoperability standards
• Encourages cooperation between Member States
• Huge potential: e.g. PSD2, AML4D
Building a more secure internet
“Objective 5.2.3. The majority of online products and services coming into use become ‘secure by default’ by 2021.”
- National Cyber Security Strategy 2016-2021
To achieve this goal the Government will…
• Lead by example
• Explore options for collaboration with industry
• Adopt challenging new cyber security technologies in government
“invest in… emerging industry standards such as Fast Identity Online (FIDO), which do not rely on passwords for user authentication, but use the machine and other devices in the user’s possession to authenticate.”
For more information visit the blog at identityassurance.blog.gov.uk or go to gov.uk/verify
DEVELOPMENTS IN BIOMETRIC GUIDANCE
Elaine Newton, PhD, Standards Lead for Applied Cybersecurity, National Institute of Standards and Technology (NIST)
The SOFA Project
• NIST is exploring a framework around Strength of Function for Authenticators - Biometrics (SOFA-B) for measuring and evaluating the strength of a biometric authentication on mobile devices to:
  • Determine how effectively they mitigate different levels of transactional risk
  • Understand how such biometric factors can be combined with, or substituted for, other authentication factors
System and Attack Analysis
[Diagram: generic biometric system pipeline (Data Capture, Signal Processing, Comparison, Decision, Data Storage) with eleven numbered attack points: presentation attack; override capture device; extract/modify biometric sample; override signal processor; modify probe; override comparator; modify score; override decision engine; modify decision; override database; modify biometric reference]
Many attacks can be mitigated by core security controls: e.g., encryption, mutual authentication, limiting of unsuccessful attempts.
Some areas require specific focus in biometrics: e.g., template protection.
Recommendation: Analyze and quantify factors specific to biometric systems.
[Diagram: the same biometric pipeline and attack points as the previous slide, with two of them called out: the presentation attack at the capture device (PAD Error Rate: shorthand for the probability of a successful presentation attack*) and the comparison step (Matching Performance; FMR: probability of a false match occurring)]
Two aspects stood out as unique to biometric authN: Presentation Attacks and the Matching Performance; each carries potential metrics to contribute to strength.
Zero-Information and Targeted Attacks
• “Zero-information” and “targeted” attacks should be considered, as both scenarios may affect Effort, as well as PADER and FMR.
[Diagram: spectrum from zero-information to targeted attacks, with example attacker activities: shoulder surfing, notepads, retrieving a biometric, creating an artefact]
Recommendation: Quantify SOFA for Zero Information Attacks
• Goal is to move towards developing metrics that can be compared and combined to better understand authentication systems
• Ultimately, we would be able to determine the same type of measure for most authentication systems
$\mathrm{SOFA}_{\mathrm{ZeroInfo}}(\text{Biometrics}) \propto \dfrac{\text{Effort}}{\text{FMR} \times \text{PADER}}$
$\mathrm{SOFA}_{\mathrm{ZeroInfo}}(\text{PIN/PW}) \propto \text{Effort} \times N^{L}$
Overview of Draft NIST SP 800-63-3 Biometric Requirements
• FMR less than or equal to 1 in 1000 or better.
• False non-match rate is left to applications to determine their needs.
• To deal with presentation attacks (aka spoofs or fakes at the sensor):
  • Strict rate limiting is required OR
  • Rate limiting plus PAD (demonstrating at least 90% resistance to presentation attacks for each relevant attack type (aka species)).
• Must authenticate something you have (always 2 factor).
• Protected channel required prior to capturing biometric sample.
• Additional requirements for server/central matching.
• Memory wipe requirement.
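The SOFA zero-information proportionalities from the earlier slide (read here as Effort/(FMR × PADER) for biometrics and Effort × N^L for a PIN or password) carried through with the thresholds on this slide, as an added worked example that is not part of the deck. It takes FMR = 10^-3 from the 1-in-1000 requirement, reads "at least 90% resistance" as PADER ≤ 0.1, leaves the per-attempt Effort symbolic, and assumes a rate limit of k = 10 attempts, a value the slides do not give.

```latex
% Biometric authenticator sitting exactly at the draft thresholds
\mathrm{SOFA}_{\mathrm{ZeroInfo}}(\text{Biometrics})
  \propto \frac{\text{Effort}}{\text{FMR} \times \text{PADER}}
  = \frac{\text{Effort}}{10^{-3} \times 10^{-1}} = 10^{4}\,\text{Effort}

% Four-digit numeric PIN: N = 10 symbols, L = 4 positions
\mathrm{SOFA}_{\mathrm{ZeroInfo}}(\text{PIN})
  \propto \text{Effort} \times N^{L} = \text{Effort} \times 10^{4}

% A zero-information artefact must first evade PAD and then falsely match,
% so the per-attempt success probabilities multiply
p_{\text{attempt}} \approx \text{PADER} \times \text{FMR} = 10^{-1} \times 10^{-3} = 10^{-4}

% With the attacker held to k attempts by rate limiting (k = 10 assumed)
P_{\text{bio}} = 1 - (1 - p_{\text{attempt}})^{k} \approx k \, p_{\text{attempt}} = 10^{-3}
\qquad
P_{\text{PIN}} = \frac{k}{N^{L}} = \frac{10}{10^{4}} = 10^{-3}
```

At exactly the draft thresholds a biometric comes out level with a 4-digit PIN against a zero-information attacker, which is why the slide pairs it with rate limiting and a possessed second factor rather than treating it as strong on its own; without PAD every artefact reaches the matcher, the PADER term disappears and only the rate limit bounds the attacker.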
Questions for our Experts?
• Brett McDowell, Executive Director, FIDO Alliance
• Jeremy Grant, Managing Director, The Chertoff Group
• Adam Cooper, Technical Architect, Identity Assurance, UK Government Digital Service
• Elaine Newton, Standards Lead for Applied Cybersecurity, National Institute of Standards and Technology (NIST)
THANK YOU
fidoalliance.org
@fidoalliance
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
A Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source MilvusA Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source Milvus
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 

Strong Authentication Trends in Government

  • 1. STRONG AUTHENTICATION TRENDS IN GOVERNMENT All Rights Reserved. FIDO Alliance. Copyright 2017.
  • 2. Featuring: Brett McDowell, Executive Director, FIDO Alliance; Jeremy Grant, Managing Director, The Chertoff Group; Adam Cooper, Technical Architect, Identity Assurance, UK Government Digital Service; Elaine Newton, Standards Lead for Applied Cybersecurity, National Institute of Standards and Technology (NIST)
  • 3. • FIDO Alliance Overview, Brett McDowell • Strong Authentication Trends in Government, Jeremy Grant • Safer, Faster, Simpler: A UK Perspective, Adam Cooper • Developments in Biometric Guidance, Elaine Newton • Q & A
  • 4. Formed in 2012 to Solve the Password Problem. 63% of data breaches in 2015 involved weak, default, or stolen passwords (Verizon Data Breach Report). 1,093 data breaches in the US in 2016, up ~40% from 2015 (Identity Theft Resource Center). Each data breach costs $3.8 million on average, up 23% from 2013 (Ponemon Institute).
  • 5. The FIDO Alliance is an open industry association of over 250 organizations with a focused mission: authentication standards
  • 6. FIDO Alliance Mission: (1) Develop Specifications, (2) Operate Adoption Programs, (3) Pursue Formal Standardization. Define an open, scalable, interoperable set of mechanisms that supplant reliance on passwords to authenticate users of online services
  • 7. Board Members
  • 8. HOW “Shared Secrets” WORK. Online: the user authenticates themselves online by presenting a human-readable “shared secret”
  • 9. HOW FIDO WORKS. Authenticator, local: the user authenticates “locally” to their device (by various means). Online: the device authenticates the user online using public key cryptography
  • 10. OPEN STANDARDS R.O.I.: FIDO-ENABLE ONCE → GAIN EVERY DEVICE YOU TRUST → NO MORE ONE-OFF INTEGRATIONS
  • 11. USABILITY, SECURITY, R.O.I. and PRIVACY
  • 12. No 3rd Party in the Protocol; No Secrets on the Server Side; Biometric Data (if used) Never Leaves Device; No (*new*) Link-ability Between Services; No (*new*) Link-ability Between Accounts
  • 13. FIDO Authentication: Adoption & Ecosystem
  • 14. Global Leaders Deploy FIDO Standards
  • 15. Certification Growth: • An open competitive market • Ensures interoperability • Sign of mature FIDO ecosystem. 250+ FIDO® Certified products available today. [Chart: TOTAL FIDO Certified products by date, Apr-15 through Jan-17]
  • 16. FIDO Certified – Jan '17
  • 17. The Road Ahead: W3C Web Authentication Specification; Standards Effort with EMVCo; Client-to-Authenticator Protocol (CTAP); FIDO Universal Server + New Certification Programs
  • 18. • FIDO Alliance Overview, Brett McDowell • Strong Authentication Trends in Government, Jeremy Grant • Safer, Faster, Simpler: A UK Perspective, Adam Cooper • Developments in Biometric Guidance, Elaine Newton • Q & A
  • 19. STRONG AUTHENTICATION TRENDS IN GOVERNMENT. Jeremy Grant, Managing Director, The Chertoff Group
  • 20. Authentication is Important to Government: 1. Protects access to government assets 2. Enables more high-value citizen-facing services 3. Empowers private sector to provide a wider range of high value services to consumers 4. Secures critical assets and infrastructure 5. Promotes good security practices in the private sector. Governments seek identity solutions that can deliver not just improved Security – but also Privacy, Interoperability, and better Customer Experiences
  • 21. FIDO Is Impacting How Governments Think About Authentication: • Enables support for “BYOC” (Bring Your Own Credential) • Take advantage of the growing ecosystem of FIDO solutions and standards • No requirement to issue a separate token or app for MFA • No need to create passwords for digital government services • Better Security, Privacy + Interoperability • Better Customer Experiences – simpler and safer • Reduced Cost for the Government Enterprise
  • 22. FIDO Is Impacting How Governments Think About Authentication. U.S. Commission on Enhancing National Cybersecurity: • Bipartisan commission established by the White House in April – charged with crafting recommendations for the next President • Major focus on Authentication
  • 23. U.S. Commission on Enhancing National Cybersecurity. Focus on non-PIV solutions for USG Authentication: “The next Administration should provide agencies with updated policies and guidance that continue to focus on increased adoption of strong authentication solutions, including but, importantly, not limited to personal identity verification (PIV) credentials. To ensure adoption of strong, secure authentication by federal agencies, the requirements should be made performance based (i.e., strong) so they include other (i.e., non-PIV) forms of authentication, and should mandate 100 percent adoption within a year.”
  • 24. U.S. Commission on Enhancing National Cybersecurity: “Other important work that must be undertaken to overcome identity authentication challenges includes the development of open-source standards and specifications like those developed by the Fast IDentity Online (FIDO) Alliance. FIDO specifications are focused largely on the mobile smartphone platform to deliver multifactor authentication to the masses, all based on industry standard public key cryptography. Windows 10 has deployed FIDO specifications (known as Windows Hello), and numerous financial institutions have adopted FIDO for consumer banking. Today, organizations complying with FIDO specifications are able to deliver secure authentication technology on a wide range of devices, including mobile phones, USB keys, and near-field communications (NFC) and Bluetooth low energy (BLE) devices and wearables. This work, other standards activities, and new tools that support continuous authentication provide a strong foundation for opt-in identity management for the digital infrastructure.”
  • 25. FIDO Is Impacting How Governments Think About Authentication. Priorities: • Ensuring that future online products and services coming into use are “secure by default” • Empowering consumers to “choose products and services that have built-in security as a default setting.” “[We will] invest in technologies like Trusted Platform Modules (TPM) and emerging industry standards such as Fast IDentity Online (FIDO), which do not rely on passwords for user authentication, but use the machine and other devices in the user’s possession to authenticate. The Government will test innovative authentication mechanisms to demonstrate what they can offer, both in terms of security and overall user experience.”
  • 26. A Note on Policy: FIDO specifications offer governments newer, better options for strong authentication – but governments may need to update some policies to support the ways in which FIDO is different. As technology evolves, policy needs to evolve with it.
  • 27. 1. Multi-factor authentication no longer brings higher burdens or costs • While this statement was true of most “old” MFA technology, FIDO specifically addresses these cost and usability issues. • FIDO enables simpler, stronger authentication capabilities that governments, businesses and consumers can easily adopt at scale.
  • 28. 2. Technology is now mature enough to enable two secure, distinct AuthN factors in a single device (European Banking Authority (EBA) Draft Regulatory Technical Standards on PSD2 Strong Authentication)
  • 29. 2. Technology is now mature enough to enable two secure, distinct AuthN factors in a single device • Recognized by the US government (NIST) in 2014… • “OMB (White House) to update guidance on remote electronic authentication” to remove requirements that one factor be separate from the device accessing the resource • The evolution of mobile devices – in particular, hardware architectures that offer highly robust and isolated execution environments (such as TEE, SE and TPM) – has allowed these devices to achieve high-grade security without the need for a physically distinct token
  • 30. 2. Technology is now mature enough to enable two secure, distinct AuthN factors in a single device • Reflected in new NIST Draft Digital Identity Guidelines (SP 800-63B)
  • 31. 3. Local-match biometrics has matured and is an important authentication factor • New guidance from Taiwan’s Financial Supervisory Commission (FSC) • Previous guidance forbade local biometric match as an authentication factor; new guidance allows it, as part of a FIDO solution
  • 32. FIDO Delivers on Key Government Priorities. Security: • Authentication using strong asymmetric Public Key cryptography • Superior to old “shared secrets” model – there is nothing to steal on the server • Biometrics as second factor. Privacy: • Privacy architected in up front; no linkability or tracking • Designed to support Privacy Principles of the European Data Protection Directive • Biometric data never leaves device • Consumer control and consent. Interoperability: • Open standards: FIDO 2.0 specs are in W3C standardization process • FIDO compliance/conformance testing to ensure interoperability of “FIDO certified” products. Usability: • Designed with the user experience (UX) first – with a goal of making authentication as easy as possible • Security built to support the user’s needs, not the other way around
  • 33. • FIDO Alliance Overview, Brett McDowell • Strong Authentication Trends in Government, Jeremy Grant • Safer, Faster, Simpler: A UK Perspective, Adam Cooper • Developments in Biometric Guidance, Elaine Newton • Q & A
  • 34. SAFER, FASTER, SIMPLER: A UK PERSPECTIVE. Adam Cooper, Technical Architect, Identity Assurance, UK Government Digital Service
  • 35. GDS / GOV.UK Verify: GOV.UK Verify is the new way to prove who you are online. [insert new logo]
  • 36. A certified company verifies you on behalf of government
  • 37. * There are a range of high quality companies certified to verify identity for GOV.UK Verify
  • 38. Adopting outcome based standards has led to innovation, choice and opportunity.
  • 39. We publish them on GOV.UK… https://www.gov.uk/government/collections/identity-assurance-enabling-trusted-transactions
  • 40. eIDAS Regulation – promoting the use of national eID internationally
  • 41. Regulation (EU) N°910/2014 on electronic identification and trust services for electronic transactions in the internal market (aka eIDAS): mutual acceptance of eID cross-border; interoperability standards; encourages cooperation between Member States. Huge potential: e.g. PSD2, AML4D
  • 42. Building a more secure internet
  • 43. “Objective 5.2.3. The majority of online products and services coming into use become ‘secure by default’ by 2021.” (National Cyber Security Strategy 2016-2021)
  • 44. To achieve this goal the Government will… lead by example; explore options for collaboration with industry; adopt challenging new cyber security technologies in government
  • 45. “invest in… emerging industry standards such as Fast Identity Online (FIDO), which do not rely on passwords for user authentication, but use the machine and other devices in the user’s possession to authenticate.”
  • 46. For more information visit the blog at identityassurance.blog.gov.uk or go to gov.uk/verify
  • 47. • FIDO Alliance Overview, Brett McDowell • Strong Authentication Trends in Government, Jeremy Grant • Safer, Faster, Simpler: A UK Perspective, Adam Cooper • Developments in Biometric Guidance, Elaine Newton • Q & A
  • 48. DEVELOPMENTS IN BIOMETRIC GUIDANCE. Elaine Newton, PhD, Standards Lead for Applied Cybersecurity, National Institute of Standards and Technology (NIST)
  • 49. The SOFA Project • NIST is exploring a framework around Strength of Function for Authenticators - Biometrics (SOFA-B) for measuring and evaluating the strength of a biometric authentication on mobile devices to: • Determine how effectively they mitigate different levels of transactional risk • Understand how such biometric factors can be combined with, or substituted for, other authentication factors
  • 50. System and Attack Analysis. [Diagram: biometric pipeline (Data Capture, Signal Processing, Comparison, Decision, Data Storage) with 11 numbered attack points: Presentation Attack, Override Capture Device, Extract/Modify Biometric Sample, Override Signal Processor, Modify Probe, Override Comparator, Modify Score, Override Decision Engine, Modify Decision, Override Database, Modify Biometric Reference] Many attacks can be mitigated by core security controls: e.g., encryption, mutual authentication, limiting of unsuccessful attempts. Some areas require specific focus in biometrics: e.g., template protection
  • 51. Recommendation: Analyze and quantify factors specific to biometric systems. [Same attack-point diagram as slide 50] Two aspects stood out as unique to biometric authN: Presentation Attacks and the Matching Performance; each carries potential metrics to contribute to strength. PAD Error Rate (PADER): shorthand for probability of a successful presentation attack*. FMR: probability of a false match occurring (Matching Performance).
  • 52. Zero-Information and Targeted Attacks • “Zero-information” and “targeted” attacks should be considered, as both scenarios may affect Effort, as well as PADER and FMR. [Diagram: spectrum from Zero Info to Targeted: shoulder surf, retrieve biometric, create artefact; notepads]
  • 53. Recommendation: Quantify SOFA for Zero Information Attacks • Goal is to move towards developing metrics that can be compared and combined to better understand authentication systems • Ultimately, we would be able to determine the same type of measure for most authentication systems: $\mathrm{SOFA}_{\text{Zero Info}}(\text{Biometrics}) \propto \frac{\text{Effort}}{\text{FMR} \times \text{PADER}}$ and $\mathrm{SOFA}_{\text{Zero Info}}(\text{PIN/PW}) \propto N^{L} \times \text{Effort}$
  • 54. Overview of Draft NIST SP 800-63-3 Biometric Requirements • FMR less than or equal to 1 in 1000 or better. • False non-match rate is left to applications to determine their needs. • To deal with presentation attacks (aka spoofs or fakes at the sensor): strict rate limiting is required, OR rate limiting plus PAD (demonstrating at least 90% resistance to presentation attacks for each relevant attack type (aka species)). • Must authenticate something you have (always 2 factor). • Protected channel required prior to capturing biometric sample. • Additional requirements for server/central matching. • Memory wipe requirement.
  • 55. • FIDO Alliance Overview, Brett McDowell • Strong Authentication Trends in Government, Jeremy Grant • Safer, Faster, Simpler: A UK Perspective, Adam Cooper • Developments in Biometric Guidance, Elaine Newton • Q & A
  • 56. Questions for our Experts? Brett McDowell, Executive Director, FIDO Alliance; Jeremy Grant, Managing Director, The Chertoff Group; Adam Cooper, Technical Architect, Identity Assurance, UK Government Digital Service; Elaine Newton, Standards Lead for Applied Cybersecurity, National Institute of Standards and Technology (NIST)
  • 57. THANK YOU fidoalliance.org @fidoalliance