FIDO Alliance – Security and Identity

Michael Barrett, President, FIDO Alliance London October 10, 2013 www.fidoalliance.org Copyright 2013, The FIDO Alliance All Rights Reserved 1

Transcript of FIDO Alliance – Security and Identity

Page 1: FIDO Alliance – Security and Identity

Michael Barrett, President, FIDO Alliance

London October 10, 2013

Page 2: FIDO Alliance – Security and Identity

Trends in authentication

•  Consumerization of enterprise IT

•  OEMs acquiring/developing fingerprint sensor capability

•  Open standards development – FIDO

•  Holistic ecosystem safety - Shared Signals

Page 3: FIDO Alliance – Security and Identity

iPhone 5 authentication as a driver

•  Users are at the center of a world of connected intelligence

•  Consumerization of enterprise IT is an unstoppable trend

•  Apple’s Touch ID is well architected

•  Expect to see penetration of these devices into new domains

•  Standards are critical to proliferation

Page 4: FIDO Alliance – Security and Identity

Opportunity for Better Authentication is Upon Us

For Users: Painful to Use

•  25 Accounts

•  8 Logins / Day

•  6.5 Passwords

For Organizations: Difficult to Secure

•  $5.5M / Data Breach

•  $15M / PWD Reset

•  $60+ / Token

For the Ecosystem: Impossible to Scale

•  Fragmented

•  Inflexible

•  Slow to Adopt

Page 5: FIDO Alliance – Security and Identity

Experiences with Identity and Authentication

Common experiences related to authentication failure (respondents who say it happened to them one or more times over the past 2 years)

Users are frustrated - password complexity requirements working against them instead of supporting them

Page 6: FIDO Alliance – Security and Identity

Do You Really Want Your Refrigerator to Know Your PayPal Password?

Page 7: FIDO Alliance – Security and Identity

A Full Field…

[Chart: Authentication Vendors, by year, 2006 to 2012; vertical axis 0 to 120]

Page 8: FIDO Alliance – Security and Identity

Security is not a Continuum…

[Diagram: Security (Low to High) plotted against Usability (Low to High); region labels: JUST EASY, “BETTER AUTHENTICATION”, JUST BAD, UNPLEASANT]

Page 9: FIDO Alliance – Security and Identity

New Technology Options…

Page 10: FIDO Alliance – Security and Identity

Authentication Standards Combined with Advances in Biometrics Provide a New Path Forward

Page 11: FIDO Alliance – Security and Identity

How FIDO Works

[Diagram: numbered steps 1 to 6 connecting the components FIDO Authenticators, Website, Browser, FIDO Plugin, Device Specific Module, Validation Cache, Vendor Tokens and FIDO Repository; other labels: secret, secrets, refresh]

Page 12: FIDO Alliance – Security and Identity

The FIDO “User” Experience

•  User picks their own token type

•  User decides when/if to bind their token to their account

•  Existing tokens (like finger) can be used by downloading the FIDO plugin

•  User can download the plugin from various sites

•  User could have a PIN-protected USB drive to use while travelling

Page 13: FIDO Alliance – Security and Identity

Voice Experience…

Please say your passphrase to log into your account

Speak

Page 14: FIDO Alliance – Security and Identity

Finger Experience…

Page 15: FIDO Alliance – Security and Identity

USB Experience…

Page 16: FIDO Alliance – Security and Identity

Additive two-factor Authentication…

Page 17: FIDO Alliance – Security and Identity

•  The Internet needs better authentication, now

•  Stronger authentication is not “better authentication”

•  An industry standards based approach is the only viable way forward

•  “Whether you believe you can do a thing, or not, you are right” (Henry Ford)

Page 18: FIDO Alliance – Security and Identity

Michael Barrett, CISM, CISSP President, the FIDO Alliance

Thank You for Your Time!

http://www.fidoalliance.org