The Second Payment Services Directive (PSD2) and the associated Regulatory Technical Standards (RTS) on strong customer authentication and secure communication impose stringent requirements on multi-factor authentication and on the security of implementations. Payment Service Providers will want to know whether the authentication solutions they put in place conform to the RTS both in terms of functionality and security.
The FIDO Alliance standards are based on multi-factor authentication and are a strong fit for PSD2 compliance. The FIDO Alliance’s certification program provides an independent evaluation of functional compliance to the standards as well as of the achieved level of security of FIDO authenticators.
Featuring industry experts, this presentation explores how FIDO can resolve key issues, including:
• How the FIDO standards conform to the RTS
• How FIDO’s certification program guarantees this conformity
• How FIDO’s certification program provides for the mandatory security evaluation imposed by the RTS
New FIDO Specifications Overview - FIDO Alliance - Tokyo Seminar - Nadalin (FIDO Alliance)
FIDO 2.0 specifications are being developed to standardize strong web authentication across platforms. This includes a Web Authentication API submitted to W3C, key attestation and signature formats. A Client to Authenticator Protocol enables authentication using external devices over transports like USB, Bluetooth, and NFC. FIDO aims to accelerate adoption by providing authentication built into browsers, operating systems, and platforms.
Google has deployed FIDO U2F security keys for two-factor authentication at scale within their organization. They found security keys to be faster and cause fewer support incidents than one-time passwords. Google has also made security keys available to consumers as an optional second factor for their accounts. Other companies like Dropbox, GitHub, and Facebook have also adopted FIDO security keys. Google's experience shows that security keys can provide stronger authentication that is also more usable for users and enterprises.
FIDO and the Future of User Authentication (FIDO Alliance)
The document discusses the problems with password-based authentication and introduces FIDO authentication as a solution. It summarizes that FIDO authentication uses public key cryptography to allow users to authenticate with a single gesture on their device, without needing shared secrets or passwords. FIDO authentication is being adopted by major companies and specifications are standardized, with over 500 authenticators certified for compatibility and security. The presentation promotes FIDO as the future of secure, usable authentication.
Implementing WebAuthn & FAPI supports on Keycloak (Yuichi Nakamura)
Keycloak supports WebAuthn and FAPI by implementing their features and passing conformance tests. Hitachi contributed WebAuthn support and worked with NRI to add FAPI compliance, addressing issues like supporting newer signature algorithms and the PKCE protocol. Further contributions are welcomed to resolve remaining FAPI test issues.
OAuth and OpenID Connect are the two most important security specs that API providers need to be aware of. In this session, Travis Spencer, CEO of Curity, will cram in as much about these two protocols as will fit into 20 minutes.
The document discusses the FIDO2 authentication process for creating and using passkeys across multiple devices. It describes creating a passkey for a banking app on Android, then signing into the same banking app on Windows and macOS using the passkey from Android. This involves scanning a QR code to link devices, performing user verification on each device, and having the passkey detected and stored locally on each new platform using the respective authentication method (Windows Hello, macOS, etc).
This document provides an overview and example of getting started with WebAuthn. It discusses the WebAuthn specification and terminology. It then demonstrates how to set up sample code to handle WebAuthn registration and login requests and responses. Specifically, it shows the structure of registration and login options that are sent to clients, and the credential responses that are returned, including parsing the response details. Key areas like challenges, credentials, attestation, and extensions are described. The document aims to help attendees understand how WebAuthn works at a high level and see an example implementation.
Identity for IoT: An Authentication Framework for the IoT (AllSeen Alliance)
John Bradley, Ping Identity, gave this presentation at the AllSeen Alliance's Partner Programme at Mobile World Congress 2015.
About Ping Identity: Ping Identity provides next-generation identity security solutions. With more than 1,200 enterprise customers worldwide, including half of the Fortune 100, Ping Identity delivers professional-grade identity security solutions that meet the needs of organizations managing workforce, customer, and partner identities. Identity at Internet scale is a concept that will be required as the industry builds services that encompass billions of connected devices and identities.
FIDO Alliance: Welcome and FIDO Update (FIDO Alliance)
This document provides a summary of a presentation on passwordless authentication and the role of the FIDO Alliance. It begins with statistics showing the increasing costs and impacts of cyberattacks targeting financial services. The presentation then discusses predictions that phishing attacks and MFA bypass attacks will continue to grow. However, it also predicts that enterprise passwordless deployments and consumer-ready solutions will increase rapidly. The rest of the presentation focuses on the FIDO Alliance's work to develop open standards for simpler and stronger authentication using public key cryptography and possession-based credentials like "passkeys." It discusses growing browser, platform and government support for FIDO and the Alliance's initiatives to further improve usability while maintaining security, such as new guidelines
- FIDO2 is a passwordless authentication standard that uses public key cryptography instead of passwords
- It involves an initial registration process where a public/private key pair is created and the public key is associated with the user's account
- Authentication then involves validating the signature from the private key without exposing any secrets
- FIDO2 supports various form factors beyond USB keys like mobile devices and provides stronger security than passwords
What is a Verifiable Credential, and Why Does it Matter?
https://identiverse.com/idv2022/session/841421/
"A verifiable credential (VC) is an assertion with a secret weapon – called a verifiable presentation (VP). VCs and VPs are unique in that they enable users to directly hold and present claims about themselves, issued by many different authorities. This is an important addition to the domain-relative credentials that are presented today as part of federated sign-in or SSO contexts. You may ask – why is that direct presentation important? Kristina Yasuda will talk through how VCs and VPs work, what makes VCs different from common federated credentials, and what VCs could change about how we interact with data in the future."
Self-sovereign identity (SSI) is a new identity model that gives the user control and ownership over her data.
To dive into what this means and the benefits it offers, Evernym's Andy Tobin gave a webinar on October 17, 2019 introducing the topic of self-sovereign identity and its role in transforming customer experiences and unlocking competitive advantage.
FIDO Authentication: Unphishable MFA for All (FIDO Alliance)
This document discusses the growing adoption of FIDO authentication standards for passwordless, phishing-resistant multi-factor authentication. It predicts that in 2022, enterprise passwordless deployments will grow rapidly as mobile platforms provide consumer-ready solutions at scale. The document outlines how FIDO specifications offer simpler and stronger authentication using public key cryptography backed by major technology companies. It notes that over 5 billion devices now support FIDO and more than 150 million people are using passwordless methods each month. Government policies are evolving to recognize FIDO authentication as the preferred choice and gold standard for phishing-resistant multi-factor authentication.
What are decentralized identifiers (DIDs), how do they enable self-sovereign identity, and what does W3C standardization mean for interoperability and adoption?
Evernym's Drummond Reed and Brent Zundel discussed all this and more on our Sep 26, 2019 webinar.
Digital Identity Wallets: What They Mean For Banks (Evernym)
This document discusses digital identity wallets and their potential benefits for banks. Digital identity wallets allow individuals to store credentials that can be securely and privately shared with organizations to verify attributes like identity, age, membership status. They minimize data collection and use privacy techniques. Banks could use them to streamline know-your-customer processes, replace passwords with secure authentication, and improve customer experiences through personalized services and messaging. The technology relies on cryptographic proofs and keeping data decentralized and off-chain for privacy and security according to global standards like GDPR.
The document discusses selecting authenticators for FIDO2 registration. It provides an overview of the FIDO2 registration process and the steps involved. It describes using the Authenticator Attestation Identifier (AAGUID) to identify the authenticator model and obtaining additional metadata from the FIDO Metadata Service (MDS). The MDS can provide details about authenticators, including how user verification and key protection are implemented. Selecting authenticators allows relying parties to control which devices can be used for authentication.
Overview of FIDO Security Requirements and Certifications (FIDO Alliance)
1) The FIDO Alliance authentication certification program evaluates and certifies authenticators at different security levels to create trust between relying parties and authenticators.
2) Higher certification levels provide defenses against more sophisticated attacks, with Level 3+ providing the highest security against physical attacks on authenticator devices.
3) The certification process involves security reviews and penetration testing conducted by accredited laboratories. Companion certification programs can reduce the cost and time of certification for vendors.
Technical Principles of FIDO Authentication (FIDO Alliance)
The document discusses technical principles of FIDO authentication. It provides an overview of how FIDO works, including the FIDO ecosystem with authenticators, clients, servers and relying parties. It also summarizes the FIDO registration and authentication processes, which separate user verification from authentication through the use of public and private keys.
The document discusses FIDO Alliance's efforts to create simpler and stronger authentication standards to replace passwords. It provides an overview of FIDO authentication, including how it works, adoption rates, and certification programs. It also summarizes the Alliance's work in identity verification, binding, and FIDO Device Onboarding to fill gaps and further the passwordless vision.
Tokyo Seminar: FIDO Alliance Vision and Status (FIDO Alliance)
Brett McDowell, the Executive Director of the FIDO Alliance, gave a presentation on the vision and status of the FIDO Alliance in Tokyo. The presentation discussed how authentication is a major problem, how over 250 organizations are working together through the FIDO Alliance to solve this problem, and the FIDO Alliance's mission to create simpler and stronger authentication standards using public key cryptography. It provided an overview of how old authentication and FIDO authentication work, the specifications roadmap, growing certification programs, and support across platforms. In closing, McDowell announced news of expanded FIDO support on Android 8.0 devices and a new FIDO certified implementation from NTT DOCOMO.
FIDO Certified Program: The Value of Certification (FIDO Alliance)
A look at the FIDO Certification program, including functional, authenticator and biometric; the value of certification for relying parties and vendors; and how to get started.
Technical Principles of FIDO Authentication (FIDO Alliance)
The document provides an overview of FIDO authentication including:
1. How FIDO authentication works by using an authenticator to verify the user and perform the authentication without revealing identity attributes.
2. The FIDO ecosystem involves authenticators, clients, servers, and metadata to understand authenticator security characteristics.
3. FIDO supports a range of authenticators from platform-based to roaming and different user verification methods while keeping user verification data private.
Introduction to the FIDO Alliance: Vision & Status (FIDO Alliance)
This document summarizes the FIDO Alliance's vision and status. It discusses how authentication has become a major problem and how over 250 organizations are working together through the FIDO Alliance to solve this problem by developing open standards for simpler and stronger authentication using public key cryptography. The FIDO Alliance aims to deliver security, privacy, interoperability and usability through specifications such as FIDO UAF, FIDO U2F and the upcoming FIDO2/WebAuthn specifications. The Alliance has seen strong growth in functional certifications and aims to also offer security and biometric certifications to validate authenticator safety and accurate user identification.
Brett McDowell, the Executive Director of the FIDO Alliance, gave a presentation on the FIDO Alliance's vision and status. The presentation discussed how authentication is a major problem, and how over 250 organizations are working together through the FIDO Alliance to solve this problem using open standards for simpler and stronger authentication. It provided an overview of the FIDO Alliance's scope and mission, as well as how FIDO authentication works compared to traditional authentication methods. The presentation concluded with an update on the FIDO Alliance's specifications roadmap and the formation of a new FIDO Korea Working Group.
Getting to Know the FIDO Specifications - Technical Tutorial (FIDO Alliance)
What if we could replace passwords with authentication that is stronger and simpler? Web service providers and enterprises worldwide are looking for a solution to move beyond the frustrating user experience and less-than-stellar security of single-factor password authentication systems. Today FIDO is that solution, providing a rich set of specifications and certifications for an emerging and interoperable ecosystem of hardware, mobile and biometrics-based devices. This ecosystem enables enterprises and web service providers to easily deploy strong authentication solutions that reduce password dependencies and provide a superior, simpler and trusted user experience.
- Learn the ins and outs of FIDO’s specifications, including their applicability to both passwordless (UAF) and second factor (U2F) authentication use cases.
- Learn how FIDO separates user verification from authentication along with other details on the FIDO registration and login process.
- Learn how FIDO authentication protects user privacy and prevents phishing and man-in-the-middle attacks.
FIDO’s certification programs are a critical element in ensuring an interoperable ecosystem of products and services that organizations can leverage to deploy FIDO Authentication solutions worldwide. FIDO manages functional certification programs for its core specifications (UAF, U2F and FIDO2) to ensure product interoperability, and more recently has introduced programs to delineate security capabilities of FIDO Certified Authenticators, and also to test and validate the efficacy of biometric components.
These slides will help you:
- Learn how to take part in the FIDO Certified program and/or what to consider when licensing FIDO Certified solutions
- Understand how FIDO’s new biometric certification program (a first of its kind in the industry) will help inform the marketplace on the accuracy of various biometric authentication components
- See how FIDO’s Certified Authenticator Levels will help deploying organizations specify and support specific security capabilities and requirements for their end users
Javelin Research's State of Strong Authentication 2019 Report Webinar (FIDO Alliance)
Webinar: Javelin Research's State of Strong Authentication 2019 Report
Presented by:
Al Pascual, SVP and Research Director, Javelin Strategy
Andrew Shikiar, Chief Marketing Officer, FIDO Alliance
February 7, 2019
This document summarizes a presentation given by Anthony Nadalin from Microsoft on FIDO2 and Microsoft implementations. It discusses the FIDO standards including CTAP2 and WebAuthn, and how Microsoft supports these standards in Windows 10, Microsoft Edge, and Microsoft Accounts. It provides an overview of authentication interactions and the different entities involved, such as relying parties, clients, authenticators, and platforms.
The rapid expansion of the Internet of Things has fostered convenience and connectedness for consumers. It has also opened the door for creative hackers. Recently, hackers used hundreds of thousands of common internet-connected devices in consumers’ homes, without the owners’ knowledge, to launch a DDoS attack that temporarily brought down crucial parts of the internet’s infrastructure.
Attacks in the past have shown that passwords in IoT devices provide insufficient security. Additionally, IoT devices are too constrained for implementing biometric functions.
The question then becomes how to authenticate to such devices and whether the industry can adopt a standardized approach despite a highly fragmented IoT landscape. This presentation by Rolf Lindemann of Nok Nok Labs explores how FIDO Authentication can provide convenient and strong authentication in an array of IoT use cases.
Learn how FIDO standards complement federation protocols. These guidelines detail how to integrate the two in order to add support for FIDO-based multi-factor authentication and replace or supplement traditional authentication methods in federation environments.
Quality will be our focus for a good chunk of the remainder of this season. What goes into a quality patent, and where possible, how do you get it without breaking the bank?
** Episode Overview **
In this first episode of our quality series, Kristen Hansen and the panel discuss:
⦿ What do we mean when we say patent quality?
⦿ Why is patent quality important?
⦿ How to balance quality and budget
⦿ The importance of searching, continuations, and draftsperson domain expertise
⦿ Very practical tips, tricks, examples, and Kristen’s Musts for drafting quality applications
https://www.aurorapatents.com/patently-strategic-podcast.html
論文紹介:A Systematic Survey of Prompt Engineering on Vision-Language Foundation ...Toru Tamaki
Jindong Gu, Zhen Han, Shuo Chen, Ahmad Beirami, Bailan He, Gengyuan Zhang, Ruotong Liao, Yao Qin, Volker Tresp, Philip Torr "A Systematic Survey of Prompt Engineering on Vision-Language Foundation Models" arXiv2023
https://arxiv.org/abs/2307.12980
Measuring the Impact of Network Latency at TwitterScyllaDB
Widya Salim and Victor Ma will outline the causal impact analysis, framework, and key learnings used to quantify the impact of reducing Twitter's network latency.
Best Programming Language for Civil EngineersAwais Yaseen
The integration of programming into civil engineering is transforming the industry. We can design complex infrastructure projects and analyse large datasets. Imagine revolutionizing the way we build our cities and infrastructure, all by the power of coding. Programming skills are no longer just a bonus—they’re a game changer in this era.
Technology is revolutionizing civil engineering by integrating advanced tools and techniques. Programming allows for the automation of repetitive tasks, enhancing the accuracy of designs, simulations, and analyses. With the advent of artificial intelligence and machine learning, engineers can now predict structural behaviors under various conditions, optimize material usage, and improve project planning.
RPA In Healthcare Benefits, Use Case, Trend And Challenges 2024.pptxSynapseIndia
Your comprehensive guide to RPA in healthcare for 2024. Explore the benefits, use cases, and emerging trends of robotic process automation. Understand the challenges and prepare for the future of healthcare automation
Sustainability requires ingenuity and stewardship. Did you know Pigging Solutions pigging systems help you achieve your sustainable manufacturing goals AND provide rapid return on investment.
How? Our systems recover over 99% of product in transfer piping. Recovering trapped product from transfer lines that would otherwise become flush-waste, means you can increase batch yields and eliminate flush waste. From raw materials to finished product, if you can pump it, we can pig it.
Transcript: Details of description part II: Describing images in practice - T...BookNet Canada
This presentation explores the practical application of image description techniques. Familiar guidelines will be demonstrated in practice, and descriptions will be developed “live”! If you have learned a lot about the theory of image description techniques but want to feel more confident putting them into practice, this is the presentation for you. There will be useful, actionable information for everyone, whether you are working with authors, colleagues, alone, or leveraging AI as a collaborator.
Link to presentation recording and slides: https://bnctechforum.ca/sessions/details-of-description-part-ii-describing-images-in-practice/
Presented by BookNet Canada on June 25, 2024, with support from the Department of Canadian Heritage.
1. FIDO & PSD2: ACHIEVING STRONG CUSTOMER AUTHENTICATION COMPLIANCE
All Rights Reserved | FIDO Alliance | Copyright 2019
2. AGENDA
• FIDO essentials
• The RTS requirements and how FIDO complies
• The necessity of evaluation and FIDO’s certification program
4. FIDO: FAST IDENTITY ONLINE
The FIDO Alliance is an open industry association with a focused mission: AUTHENTICATION STANDARDS
The world’s largest ecosystem for standards-based, interoperable authentication
• 240 Members
• 500+ FIDO® Certified solutions
5. FIDO SCOPE IN DIGITAL IDENTITY
[Diagram: Identity proofing/KYC | User Management | Authentication | Federation | Single Sign-On]
Authentication: Passwords | Risk-Based | Strong
MODERN AUTHENTICATION
6. LEADERSHIP IN THE FIDO ALLIANCE
CONSUMER ELECTRONICS | SECURITY & BIOMETRY | SERVICE PROVIDERS
7. FIDO MARKETS
• Banks
• e-Commerce
• Social media
• Enterprise security
• Healthcare
• Government
• …
8. FIDO STANDARDS
UAF: Universal Authentication Framework
Multi Factor authentication
U2F: Universal 2nd Factor
Login & Password + possession factor
FIDO2: Brings FIDO support to the web browser, Windows 10 and Android 7
• WebAuthn: standard APIs
• CTAP (Client to Authenticator Protocol):
9. EXAMPLES OF FIDO AUTHENTICATORS
Multi factor authentication (possession + knowledge/inherence)
• Platform authenticators: PC with TPM & fingerprint sensor or facial recognition; Smart phone with TEE
• Roaming authenticators: Smart card with PIN or fingerprint sensor; Security key with PIN or fingerprint sensor
2nd factor only (Login & Password + possession factor)
• Platform authenticators: PC with TPM only
• Roaming authenticators: Security key; Smart card
10. THE PRINCIPLE OF FIDO: AUTHENTICATION
User environment: User, Authenticator (Private key)
Relying party (Public key)
Local user verification step: User gesture before private key can be used (Touch, PIN entry, Biometric entry)
On-line authentication step: Challenge from the relying party, Signed response from the authenticator
11. THE PRINCIPLE OF FIDO: REGISTRATION
User environment: User, Authenticator
• Biometric data captured
• Key pair generation
• Private key stays in device
Authenticator to Relying party: Device attestation + Public key
Relying party: Device verification, Public key
12. THE RTS REQUIREMENTS AND HOW FIDO COMPLIES
13. MAPPING WITH PSD2
PSD2: PSU | FIDO: User
PSD2: ASPSP | FIDO: Relying Party
PSD2: Element categorized as possession | FIDO: Authenticator
PSD2: Element categorized as knowledge | FIDO: PIN
PSD2: Element categorized as inherence | FIDO: biometric data
PSD2: Personalized Security Credential | FIDO: Private key
PSD2: (not mentioned) | FIDO: Public key
PSD2: (not mentioned) | FIDO: Challenge
PSD2: Authentication Code | FIDO: (Signed) Response
For remote payment: PSD2: Authentication code with dynamic linking | FIDO: (signed) Response
For remote payment: PSD2: Transaction amount and payee | FIDO: Challenge + Transaction text
[Diagram labels: Authenticator; User action (PIN entry, Biometric entry)]
14. AUTHENTICATION CODE – BASED ON MULTIPLE FACTORS (ARTICLE 4)
• Inherence factor: FIDO supports any biometric modality
  • Biometric data matched locally
  • Biometric data never leaves the device
• Knowledge factor: FIDO supports local PIN verification
  • PIN never leaves the device
• Possession factor: The authenticator itself with its private key
  • Authentication code verification proves the possession of the device AND the correct verification of the user
  • Private key never leaves the device and cannot be found from the knowledge of the authentication code
15. DYNAMIC LINKING (ARTICLE 5)
• FIDO authenticators can digitally sign
• Some authenticators support “Transaction confirmation”
• Ability to display information and sign what is displayed ensures authenticity and integrity of information
[Diagram]
ASPSP to Authenticator: Challenge + transaction amount and payee
Authenticator display: “Pay 123 € to Merchant ABC? Authenticate to confirm”
Authenticator to ASPSP: Authentication code with dynamic linking
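The exchange on slides 10 and 15, as an added example that is not part of the original deck: the ASPSP issues a challenge bound to the amount and payee, the authenticator signs what it displayed, and the ASPSP verifies the authentication code against the transaction it holds. The function names and the signed message layout are assumptions for illustration, not the FIDO wire format.

```javascript
// Added example: simplified dynamic linking with an ECDSA P-256 key pair.
const crypto = require("crypto");

// Registration: the key pair is generated in the authenticator;
// only the public key is handed to the relying party (ASPSP).
function register() {
  const { privateKey, publicKey } = crypto.generateKeyPairSync("ec", { namedCurve: "P-256" });
  return { authenticatorKey: privateKey, registeredPublicKey: publicKey };
}

// Bytes that get signed: challenge + hash of the transaction text (assumed layout).
function signedPayload(challenge, tx) {
  const text = JSON.stringify({ amount: tx.amount, currency: tx.currency, payee: tx.payee });
  return Buffer.concat([challenge, crypto.createHash("sha256").update(text).digest()]);
}

// ASPSP: issue a fresh random challenge and remember which transaction it belongs to.
function startPayment(pending, tx) {
  const challenge = crypto.randomBytes(32);
  pending.set(challenge.toString("hex"), tx);
  return challenge;
}

// Authenticator: the private key is used only after the local user gesture,
// and it signs the transaction that was actually displayed to the user.
function confirmOnAuthenticator(authenticatorKey, challenge, displayedTx, userVerified) {
  if (!userVerified) throw new Error("user verification failed; private key not used");
  return crypto.sign("sha256", signedPayload(challenge, displayedTx), authenticatorKey);
}

// ASPSP: verify the authentication code against the transaction on record.
// A code signed over a different amount or payee, or a reused challenge, is rejected.
function verifyPayment(pending, publicKey, challenge, authCode) {
  const id = challenge.toString("hex");
  const tx = pending.get(id);
  if (!tx) return false;   // unknown or already used challenge
  pending.delete(id);      // each challenge is single use
  return crypto.verify("sha256", signedPayload(challenge, tx), publicKey, authCode);
}
```

Because the ASPSP rebuilds the signed bytes from its own record of the payment, an authentication code produced for any other amount or payee does not verify.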
16. CONFIDENTIALITY AND INTEGRITY OF CREDENTIALS (ARTICLE 22)
• FIDO protects private keys, PIN and biometrics from disclosure
• Non readable, never displayed, never exported
• FIDO authenticators come in a variety of implementations:
  • In Applications
  • In Restricted Operating Environments (ROE)
  • In Secure Devices
17. SECURITY CREDENTIAL MANAGEMENT (ARTICLES 23-27)
• Creation
• Delivery
• Renewal
• Destruction/revocation
With FIDO:
• Private key created within secure environment of authenticator. Public key uploaded to server. No need for a delivery mechanism
• FIDO keys do not expire: it is up to service provider to manage revocation or renewal, for example, revoking use of associated public key on server
18. EVALUATION: WHAT THE REGULATOR SAYS
[RTS] RECITAL 2, ARTICLE 3.1
The security measures for the application of strong customer authentication, the measures to protect confidentiality and integrity of the personalised security credentials must be:
• Documented
• Periodically tested, evaluated and audited by auditors
• Auditors must have expertise in IT security and payments and be operationally independent
19. THE NECESSITY OF EVALUATION AND FIDO’S CERTIFICATION PROGRAM
20. FIDO CERTIFICATION PROGRAM
A documented program covering:
• Functional compliance
  • Of authenticators and servers
  • Interoperability test events
• Security evaluation
  • Of authenticators
  • Tests of security measures that protect keys and biometrics
  • Tests done by independent labs
21. FIDO SECURITY LEVELS
L1: Any device HW or SW
L1+: Implementation in “hardened” SW
L2, L2+: Implementation in a Restricted Operating Environment e.g., TEE
L3, L3+: Implementation in a Secure Element
22. LEVEL 1
• Better than passwords
• FIDO is unphishable and biometrics are more convenient
• Keys and biometric templates are protected similar to passwords stored by a browser or password manager app
• Requires best facilities offered by hosting OS
• L1+ adds white-box cryptography, obfuscation and other techniques to defend against compromise of hosting OS
Certification Process (L1 | L1+ (in development))
Vendor: Create detailed design document
Lab: No lab at L1 | Penetration testing
FIDO: Design Review, Administration | Administration
Examples
• Android or iOS applications
• Platform built-in authenticators
• Level 2 or Level 3 capable authenticators that have not been certified at Level 2 or Level 3 yet
23. LEVEL 2
• In addition to L1
• A restricted operating environment like a TEE gives security even if OS is compromised
• Separate USB, BLE and NFC authenticators are considered to use a restricted operating environment
• Gives defense against larger scale attacks
• Additional assurance at L2+
Certification Process (L2 | L2+ (in development))
Vendor: Create detailed design document | Supply source code
Lab: Design Review | Penetration testing, Attack potential calculation
FIDO: Administration
Examples
• Android apps using TEE in smart phone
• PC TPM based implementations
• USB, BLE and NFC Security Keys
• Level 3 capable authenticators that haven’t yet been certified at Level 3
24. LEVEL 3
• In addition to L2
• Defends against physically captured authenticators
• Defenses against disassembling, probing, glitching and other such physical attacks
• L3+ adds defense against chip-level physical attacks, such as decapping and probing the chip
Certification Process (L3 & L3+)
Vendor: Create detailed design document, Supply source code
Lab: Design Review, Penetration testing, Attack potential calculation
FIDO: Administration
Examples
• USB, BLE and NFC Security Keys or smart cards using Secure Elements or other means of defending HW attacks
• Some phone & platform authenticators may achieve L3, but it is uncommon
25. COMPANION PROGRAMS
• Re-use as much as possible from other programs like Common Criteria
• Reduces time, effort and cost of certification for authenticator vendors
• Companion programs do not cover all FIDO requirements
• Even with advanced companion programs, vendors will have to go through additional certification with the FIDO Alliance
FIDO Security Level: Companion Program
L3: Common Criteria AVA_VAN 3
L3+: Common Criteria AVA_VAN 4
L2+, L3: FIPS
L2+: Global Platform TEE Protection Profile
[Diagram: All FIDO Security Requirements, divided between Companion program and FIDO Specific; areas shown: Authentication-specific, End-device configuration, Cryptographic algorithms]
26. BIOMETRIC SUB COMPONENT CERTIFICATION
• Labs perform empirical testing for False Acceptance and False Rejection Rates
• 245 subjects
• Biometric sub-systems FAR must be below 1:10,000
• Biometric sub-systems FRR must be below 3:100
• Labs perform empirical testing for Presentation Attack Detection
• At least 10 subjects
• Both Level A and B artifacts will be tested
• Imposter Attack Presentation Match Rate (IAPMR) < 20%
• Validation of optional Self Attestation
• Vendor may attest to a higher FAR at a FRR of 3% or less
• Validated test results
27. COMPLETE PROCESS
[Flow diagram]
Biometric Vendor: Develop Biometric Subcomponent
FIDO Accredited Biometric Lab: Test Biometric Subcomponent
Review and approval: Biometric Subcomponent Certificate, Allowed Integration Document
Authenticator Vendor: Develop Complete Authenticator
FIDO Accredited Laboratory: Test Complete Authenticator
Review and approval
28. FIDO ACCREDITED LABS
All labs that do FIDO certification must pass accreditation by the FIDO Alliance
[Lab logos grouped by: L2 | L3, L3+ | Biometric]
List as of April 2019
29. THE IMPORTANCE OF METADATA
• Describe the authenticator characteristics
• Convey the certification status
• Typically checked by relying party at the time of registration
[Diagram: registration flow]
User, Authenticator: Biometric data captured, Key pair generation
Authenticator to Relying party: Device attestation + Public key
Metadata service to Relying party: Metadata incl. certification status
Relying party: Device verification
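One way a relying party could apply the metadata check at registration, as an added example that is not part of the original deck. It assumes the metadata has already been downloaded and its signature verified, and that entries are trimmed to `aaguid` and `statusReports`; the sample entries, AAGUIDs, dates and the policy function are constructed for illustration.

```javascript
// Added example: registration policy over metadata status reports.
// Status names follow the FIDO Metadata Service AuthenticatorStatus values.
const LEVELS = ["FIDO_CERTIFIED_L1", "FIDO_CERTIFIED_L1plus", "FIDO_CERTIFIED_L2",
                "FIDO_CERTIFIED_L2plus", "FIDO_CERTIFIED_L3", "FIDO_CERTIFIED_L3plus"];
const BLOCKING = new Set(["REVOKED", "USER_VERIFICATION_BYPASS", "ATTESTATION_KEY_COMPROMISE",
                          "USER_KEY_REMOTE_COMPROMISE", "USER_KEY_PHYSICAL_COMPROMISE"]);

// Constructed sample entries (placeholder AAGUIDs, invented dates).
const SAMPLE_METADATA = [
  { aaguid: "00000000-0000-0000-0000-00000000000a", // security key, upgraded to L2
    statusReports: [{ status: "FIDO_CERTIFIED_L1", effectiveDate: "2018-05-01" },
                    { status: "FIDO_CERTIFIED_L2", effectiveDate: "2019-02-01" }] },
  { aaguid: "00000000-0000-0000-0000-00000000000b", // mobile application, L1 only
    statusReports: [{ status: "FIDO_CERTIFIED_L1", effectiveDate: "2018-09-15" }] },
  { aaguid: "00000000-0000-0000-0000-00000000000c", // certified, later revoked
    statusReports: [{ status: "FIDO_CERTIFIED_L2", effectiveDate: "2018-03-01" },
                    { status: "REVOKED", effectiveDate: "2019-01-10" }] },
  { aaguid: "00000000-0000-0000-0000-00000000000d", // L3 report not yet effective
    statusReports: [{ status: "FIDO_CERTIFIED_L1", effectiveDate: "2018-03-01" },
                    { status: "FIDO_CERTIFIED_L3", effectiveDate: "2030-01-01" }] },
];

// Decide whether an authenticator model may be registered.
// today and effectiveDate are ISO dates (YYYY-MM-DD), so string comparison orders them.
function evaluateRegistration(metadata, aaguid, minLevel, today) {
  const required = LEVELS.indexOf(minLevel);
  if (required < 0) throw new Error("unknown minimum level: " + minLevel);

  const entry = metadata.find((e) => e.aaguid === aaguid);
  if (!entry) return { accept: false, reason: "no metadata for this authenticator model" };

  // Ignore reports that are not in force yet.
  const effective = entry.statusReports.filter((r) => !r.effectiveDate || r.effectiveDate <= today);

  // Any revocation or compromise report blocks registration, whatever the certified level.
  const blocked = effective.find((r) => BLOCKING.has(r.status));
  if (blocked) return { accept: false, reason: "status " + blocked.status };

  // Highest certified level among the effective reports (-1 if none).
  const best = Math.max(-1, ...effective.map((r) => LEVELS.indexOf(r.status)));
  if (best < required) return { accept: false, reason: "certified level below " + minLevel };
  return { accept: true, level: LEVELS[best] };
}
```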
30. TAKE AWAY
• ASPSPs will need assurance that their authentication solution meets the regulatory requirements
• ASPSPs have to have their authentication solutions tested, evaluated by independent auditors
FIDO can help
• FIDO standards conform to the RTS
• FIDO’s certification program guarantees this conformity
• FIDO’s certification program provides for the mandatory security evaluation
31. RESOURCES:
HTTPS://FIDOALLIANCE.ORG/HOW_FIDO_MEETS_THE_RTS_REQUIREMENTS/
HTTPS://FIDOALLIANCE.ORG/CERTIFICATION/