2014 IoT Forum_ Fido Alliance

Post on 21-Oct-2014


Topic: Scaling Authentication to the Internet of Things Speaker: Ramesh Kesanupalli (Visionary Fido Alliance)


STRONG AUTHENTICATION & THE CLOUD – FIDO ALLIANCE

RAMESH KESANUPALLI, FOUNDER, NOK NOK LABS FIDO VISIONARY

CONNECTED WORLD


Everything Authenticates

50 Billion Connected Devices

(by 2020)

Internet of Things

Mobile Payments

Books

60 Billion Apps downloaded

(Apple App Store, Oct 2013)

Personalized content

M-Commerce

Music

Cloud Services

Social networks Financial services Medical records

Connected Devices Hub

RAMPANT ONLINE ATTACKS


•  Major hacks have been targeted at password databases within Online Gaming, Financial Services, Social Media organizations

•  Password Re-use is a significant problem – technical analysis of data breaches has shown that 76% of passwords are used across multiple sites.

IDENTITY AND AUTHENTICATION LANDSCAPE

•  99% OF ONLINE ATTACKS AND IDENTITY THEFT ARE CONNECTED TO PASSWORD THEFT
•  CURRENT TWO FACTOR SOLUTIONS RIDE ON TOP OF PASSWORDS AND ARE:
   •  EXPENSIVE
   •  COMPLEX
   •  DO NOT SCALE
   •  PROPRIETARY
   •  TOO COMPLICATED TO DEPLOY OR SWITCH
•  NO SCALABLE CONSUMER AUTHENTICATION SOLUTION
•  HIGHER SECURITY TODAY REQUIRES MORE TRANSACTION FRICTION

ACCOUNT NAME AND PASSWORDS DO NOT WORK ON MOBILE DEVICES

CLOUD SERVICES NEED STRONG AUTHENTICATION TO MITIGATE RISKS

Authentication is KEY - whether it is User to Device, User to Service, Device to Device, Device to Service

TODAY’S AUTHENTICATION SOLUTIONS FALL SHORT


Easy but WEAK

DIFFICULT but Strong

Easy to Use AND Strong: Desired !!

COMMON AUTHENTICATION PLUMBING


Users

Cloud/Enterprise

Devices

Federation

Open Standard Plug-In Approach

Interoperable Ecosystem

Usable Authentication

WHAT IS NEEDED


MICHAEL BARRETT

FORMER CHIEF INFORMATION SECURITY OFFICER

RAMESH KESANUPALLI

FORMER CTO

TAHER ELGAMAL

INVENTOR OF SSL

CURRENTLY FOUNDER, CHIEF ALLIANCES OFFICER AND FIDO VISIONARY

CURRENTLY CTO SECURITY

CURRENTLY BOARD MEMBER

VISIONARIES

PHIL DUNKELBERGER

FORMER CEO

CURRENTLY PRESIDENT AND CEO


INDUSTRY COOPERATION REQUIRED NO ONE COMPANY CAN FIX THE PROBLEM

15 MONTHS AGO

PUBLIC LAUNCH

FIDO’S EXPLOSIVE GROWTH


Feb 2013: 6 Companies, Public Launch

May 2014: 118 Companies, Public Review Spec

Next: Industry Standard


THE FIDO ALLIANCE AND NOK NOK LABS


Standards   Products  

Industry Standard Protocol

“FIDO Ready™”

FIRST FIDO Ready™ Server and Client Software:

NNL S3 Suite

Key Industry Partnerships

FIDO - UNIQUE APPROACH Any Device. Any Application. Any Authenticator.


Standardized Protocols

Local authentication unlocks app specific key

Key used to authenticate to server

MORE SECURE AUTHENTICATION


Unique Cryptographic Secrets

Feature: Security Benefit

•  Unique key per user/device/site: Segmentation of risk
•  High-entropy asymmetric keys instead of passwords: Protection against dictionary, brute force attacks
•  Secrets not exposed to user: Protection against phishing, key logging, shoulder surfing

User Account Device Site

FUTURE PROOF


Standardized Protocol

Plugin any authentication method on device

Decouple Method <-> Protocol

Standardize Protocol

Authentication clients for any device

Single Infrastructure

REDUCED COST & COMPLEXITY


Any Device Risk Appropriate

Lower Cost & Complexity

USABILITY & DIVERSITY


Usability

•  No passwords
•  Existing devices
•  Flexible authentication

Drives

Usage

•  Engagement
•  Completed transactions
•  Security compliance

Aspirational Goal

FIDO SOLUTIONS DEMONSTRATED AT INDUSTRY EVENTS

SIM as Secure Element

Fingerprint, TEE, Mobile

Speaker Recognition

Mobile via NFC

PIN + MicroSD

USB

FIDO-READY™ PRODUCTS SHIPPING TODAY

OEM Enabled: Lenovo ThinkPads with Fingerprint Sensors

OEM Enabled: Samsung Galaxy S5

Clients available for these operating systems:

Software Authenticator Examples: Speaker/Face recognition, PIN, QR Code, etc.

Aftermarket Hardware Authenticator Examples: USB fingerprint scanner, MicroSD Secure Element

CALL TO ACTION

•  AUTHENTICATION IS A FUNDAMENTAL PROBLEM AND IT IS AN INDUSTRY PROBLEM
•  NO ONE COMPANY CAN FIX THIS PROBLEM, JOIN THE FIDO ALLIANCE & HELP FIX IT TOGETHER
•  OPPORTUNITY TO CREATE NEW SERVICES, NEW MARKETS, NEW INNOVATIONS, NEW BUSINESSES AND NEW REVENUE MODELS
•  TAKE THE LEADERSHIP, INCLUDE FIDO SUPPORT AT THE SOURCE ON YOUR DEVICES
•  FIDO READY™ COMMERCIAL PRODUCTS ARE AVAILABLE IN THE MARKET
•  MAKE THE CONNECTED WORLD SECURE, PRIVATE, FRAUD FREE, EASY TO USE AND STAY CONNECTED


THANKS!

Email: ramesh@noknok.com https://www.youtube.com/watch?v=ffLERYgteJQ
