INTRODUCTION TO THE FIDO ALLIANCE

VISION AND STATUS Brett McDowell, Executive Director

brett@fidoalliance.org

All Rights Reserved | FIDO Alliance | Copyright 2016. 1

2

THE FIDO VISIONPROGRESS THROUGH 2016

THE ROAD AHEADAll Rights Reserved | FIDO Alliance | Copyright 2016.

THE FIDO VISION

3All Rights Reserved | FIDO Alliance | Copyright 2016.

4

Formed in 2012 to Solve the Password Problem

63% of data breaches in 2015 involved weak,

default, or stolen

passwords-Verizon Data Breach

Report

Data breaches expected to reach

1,000 in 2016 up 22% from 2015

-Identity Theft Resource Center

Each data breach costs

$3.8 million on average

up 23% from 2013-Ponemon Institute

All Rights Reserved | FIDO Alliance | Copyright 2016.

The FIDO Alliance is an open industry association of over 250 organizations with a focused mission: authentication standards

5All Rights Reserved | FIDO Alliance | Copyright 2016.

FIDO Alliance Mission

Develop Specifications

Operate Adoption Programs

Pursue Formal Standardization

1 2 3

All Rights Reserved | FIDO Alliance | Copyright 2016. 6

define an open, scalable, interoperable set of mechanisms that supplant reliance on passwords to authenticate users of online services

All Rights Reserved | FIDO Alliance | Copyright 2016.

Board Members

7

FIDO Standardsonline authentication usingpublic key cryptography

8All Rights Reserved | FIDO Alliance | Copyright 2016.

HOW “Shared Secrets” WORK

ONLINE

The user authenticates themselves online by presenting a human-

readable “shared secret”

9All Rights Reserved | FIDO Alliance | Copyright 2016.

HOW FIDO WORKS

AUTHENTICATOR

LOCAL ONLINE

The user authenticates

“locally” to their device (by various

means)

The device authenticates the user online using

public key cryptography

10All Rights Reserved | FIDO Alliance | Copyright 2016.

11

Support for Two Authentication Experiences

ENABLES MANY AUTHENTICATION OPTIONS | EACH SERVICE PROVIDER REGISTERS UNIQUE FIDO CREDENTIALS

OPEN STANDARDS R.O.I.FIDO-ENABLE ONCEGAIN EVERY DEVICE YOU

TRUSTNO MORE ONE-OFF

INTEGRATIONS12All Rights Reserved | FIDO Alliance | Copyright 2016.

USABILITY, SECURITY, R.O.I. and

PRIVACY13All Rights Reserved | FIDO Alliance | Copyright 2016.

No 3rd Party in the Protocol

No Secrets on the Server Side

Biometric Data (if used) Never Leaves Device

No (*new*) Link-ability Between Services

No (*new*) Link-ability Between Accounts

14

All Rights Reserved | FIDO Alliance | Copyright 2016.

Summary: FIDO Authentication Delivers

Better securityfor online services

Reduced costfor the enterprise

Simpler and saferfor users

15All Rights Reserved | FIDO Alliance | Copyright 2016.

1616

PROGRESS THROUGH 2016: DEVELOPMENT

All Rights Reserved | FIDO Alliance | Copyright 2016.

All Rights Reserved | FIDO Alliance | Copyright 2016.

FIDO Development History

FIDO 1.0 FINAL

First Deployments UAF & U2F

Specification Review DraftFIDO

Ready ProgramAlliance

Announced

FEB

2013

DEC 2013

FEB 2014

FEB-OCT 2014

DEC 92014

MAY 2015

FEB2016

Formal Standardizatio

n

JUNE 2015

Certification Program

New U2F Transports

17

NOV2016

FIDO 1.1

FIDO 1.1 Specifications Enhancements

18

UAF

U2F

All Rights Reserved | FIDO Alliance | Copyright 2016.

1919

PROGRESS THROUGH 2016: ADOPTION

All Rights Reserved | FIDO Alliance | Copyright 2016.

All Rights Reserved | FIDO Alliance | Copyright 2016.

Certification Growth

20

An open competitive market Ensures interoperability Sign of mature FIDO

ecosystem

250+

FIDO® Certified products available today

Apr-15 Jul-15 Sep-15 Dec-15 Mar-16 May-16 Aug-16

152

6432

62 74108

162

216

253 TOTAL

All Rights Reserved | FIDO Alliance | Copyright 2016. 21

FIDO Certified

FIDO in the Android Ecosystem

22

S5, Mini

Alpha

Note 4,5

Note Edge

Tab S, Tab S2

S6,S6

Edge

S7,S7

Edge

Vernee Thor

Xperia Z5

Xperia Z5

Compact

Xperia Z5

Premium

Mate 8

V10 G5

Phab2 Phab2 ProPlus

Z2, Z2 Pro Xperia X

Performance

Xperia XZ Xperia X Compact SO-02J

All Rights Reserved | FIDO Alliance | Copyright 2016.

Arrows NX

Arrows Fit

Arrows Tab

F-02HF-04HF-04GF-01H

Aquos ZetaSH-01HSH-03G SH-02J

All Rights Reserved | FIDO Alliance | Copyright 2016.

iPhone SE iPhone & iPhone+

iPad Air, Mini iPad Pro

FIDO in the Apple EcosystemSupported iOS Fingerprint Devices

23

24

FIDO in the Windows and Web EcosystemsWindows Platforms

Web

Yoga 910

All Rights Reserved | FIDO Alliance | Copyright 2016.

25

Global Leaders Deploy FIDO Standards

All Rights Reserved | FIDO Alliance | Copyright 2016.

26

FIDO: THE ROAD AHEAD

All Rights Reserved | FIDO Alliance | Copyright 2016.

27

The Road AheadW3C Web

Authentication Specification

Standards Effort with

EMVCo

Client-to-Authenticator

Protocol (CTAP)

FIDO Gold Server + New

Certification Programs

All Rights Reserved | FIDO Alliance | Copyright 2016.

All Rights Reserved | FIDO Alliance | Copyright 2016.

2017 Is a Milestone Year in the Making

28

1. FIDO adoption through Web Platform standardization

2. FIDO adoption on mobile through CDCVM in Mobile Payments

3. New FIDO use cases: “companion device” authentication

4. New Certification Programs for a quickly maturing marketplace

THANK YOU

Brett McDowell, Executive Directorbrett@fidoalliance.org

29All Rights Reserved | FIDO Alliance | Copyright 2016.