FIDO Alliance – Security and Identity

Post on 10-Dec-2016


Michael Barrett, President, FIDO Alliance

London, October 10, 2013

www.fidoalliance.org Copyright 2013, The FIDO Alliance

All Rights Reserved 1  

Trends in authentication

•  Consumerization of enterprise IT

•  OEMs acquiring/developing fingerprint sensor capability

•  Open standards development – FIDO

•  Holistic ecosystem safety - Shared Signals


iPhone 5 authentication as a driver

•  Users are at the center of a world of connected intelligence

•  Consumerization of enterprise IT is an unstoppable trend

•  Apple’s Touch ID is well architected

•  Expect to see penetration of these devices into new domains

•  Standards are critical to proliferation


Opportunity for Better Authentication is Upon Us

For Users: Painful to Use

•  25 Accounts

•  8 Logins / Day

•  6.5 Passwords

For Organizations: Difficult to Secure

•  $5.5M / Data Breach

•  $15M / PWD Reset

•  $60+ / Token

For the Ecosystem: Impossible to Scale

•  Fragmented

•  Inflexible

•  Slow to Adopt


Common experiences related to authentication failure (respondents who say it happened to them one or more times over the past 2 years)

Users are frustrated - password complexity requirements working against them instead of supporting them

Experiences with Identity and Authentication



Do You Really Want Your Refrigerator to Know Your PayPal Password?

A Full Field…

[Chart: Authentication Vendors by year, 2006 to 2012; vertical axis from 0 to 120]


Security is not a Continuum…

[Figure: quadrant chart with axes Security (Low to High) and Usability (Low to High); quadrant labels: JUST EASY, “BETTER AUTHENTICATION”, JUST BAD, UNPLEASANT]


New Technology Options…


Authentication Standards Combined with Advances in Biometrics Provide a New Path Forward


How FIDO Works

[Diagram with step numbers 1 to 6; labels: FIDO Authenticators, Website, Browser, FIDO Plugin, Device Specific Module, Validation Cache, secret, secrets, refresh, Vendor Tokens, FIDO Repository]


The FIDO “User” Experience

•  User picks their own token type

•  User decides when/if to bind their token to their account

•  Existing tokens (like finger) can be used by downloading the FIDO plugin

•  User can download the plugin from various sites

•  User could have a PIN-protected USB drive to use while travelling


Please say your passphrase to log into your account

Speak

Voice Experience…


Finger Experience…


USB Experience…


Additive two-factor Authentication…


•  The Internet needs better authentication, now

•  Stronger authentication is not “better authentication”

•  An industry standards based approach is the only viable way forward

•  “Whether you believe you can do a thing, or not, you are right” (Henry Ford)

Michael Barrett, CISM, CISSP President, the FIDO Alliance

Thank You for Your Time!


michael@fidoalliance.org http://www.fidoalliance.org