The Future is Flying Cars and Digital Driver's Licenses on Our Phones - Scott Vien

•

1 like•278 views

This document summarizes IdentityNORTH's mobile ID demonstration and ecosystem. It discusses how mobile IDs will be interoperable through standardization bodies like ISO and AAMVA. The mobile ID ecosystem involves an issuing authority provisioning mobile IDs to citizens, which can then be validated and personal data obtained and trusted by service providers. ISO 18013-5 creates trust by having issuers sign data with private keys, encrypting transmissions, and using signer certificates and trust lists of certified certificate authorities.

Recommended for you

The FIDO Alliance Today: Status and News

The FIDO Alliance invites you to learn how simplify strong authentication for web services. This presentation was part of our FIDO Alliance Seminar in Tokyo, Japan, in November, 2015.

•by FIDO Alliance

information technologyauthenticationfido alliance

FIDO Alliance: Year in Review Webinar slides from January 20 2016

Last year was a year of great progress for the FIDO Alliance and standards-based strong authentication. Tens of millions of FIDO-enabled devices are now in use worldwide. There are over 100 FIDO Certified™ products available, and nearly 250 organizations are now taking part in the Alliance, including more than a dozen trade association partners. The market is clearly showing that now is the time to deploy FIDO authentication to modernize failing password systems. These slides address: – The uptake in global momentum – Details on FIDO’s recent submission to the World Wide Web Consortium – The Alliance’s plans and strategy for 2016 and what this means to you and your organization in the upcoming year We encourage you and your colleagues to view these slides to catch up on what happened in 2015 and to learn how FIDO’s explosive growth can benefit your organization in 2016. You can listen to the webinar audio here: https://fidoalliance.org/events/fido-alliance-year-in-review-webinar/

•by FIDO Alliance

technologystandardspayment

Tatyana-Arnaudova - English

The Fast Identity Online (FIDO) framework aims to support a variety of authentication technologies to replace passwords, including biometrics, security tokens, and smart cards. It uses public-key cryptography where the user's device generates a key pair during registration and then signs a challenge from the server for login. There are two main protocols - Universal Authentication Framework (UAF) which allows authentication through local actions like fingerprints, and U2F which provides a second factor for login through a security key. FIDO has advantages like reducing password complexity and recovery procedures, but also has disadvantages like requiring compatible hardware and potential to forget authentication devices.

•by Tatyana Arnaudova

HOW TRUST IS CREATED IN ISO 18013-5
• Data is signed by the Issuer private key, relayed to the device with Mobile Security Objects
• If the data is tampered with, the signature will not verify (Passive Authentication)
• Active Authentication protocol confirms that mDL is still on the device to which it was originally issued
• All transmissions are Encrypted with session keys unique to those two devices for that transmit event
• A Signer Certificate (CSCA) is made public by the Issuer
• Lists of CSCAs from well-known Issuers can be assembled
• A Trust List is a list of trusted CSCAs signed by the aggregator
5
Issuer Mobile
ID (mDL)
Verifiers
Trust ListsSigner Certs
ISO 18013-5

Any Questions?
Scott Vien
Director of Business Development
svien@getgroupna.com
1-617-902-8577
6

What's hot

Technical Principles of FIDO Authentication

FIDO Alliance

Webinar: Securing IoT with FIDO Authentication

FIDO Alliance

IDC estimates that there will be 41.6 billion connected IoT devices by 2025, opening up opportunities for increased efficiencies and innovation across industries. Yet, lack of IoT security standards and typical processes such as shipping with default password credentials and manual onboarding leave devices, and the networks they operate on, open to large-scale attack. Last summer, the FIDO Alliance announced a new standards initiative to tackle these security issues in IoT. The Alliance’s IoT Technical Working Group aims to provide a comprehensive authentication framework for IoT devices in keeping with the fundamental mission of the Alliance – passwordless authentication. These webinar slides provide an update on this new work area, including: --How FIDO Authentication and existing specifications fit into the IoT ecosystem today --The charter and goals of the IoT TWG, including development of specifications for IoT device attestation/authentication profiles to enable interoperability between service providers and IoT devices; automated onboarding, and binding of applications and/or users to IoT devices; and IoT device authentication and provisioning via smart routers and IoT hubs --The progress of the working group to date, including the use case and target architectures the IoT TWG is looking at as a foundation for its specifications and certification program

Introduction to the FIDO Alliance

FIDO Alliance

The FIDO Alliance is an open industry association with over 250 member organizations focused on developing authentication standards to address the password problem. It has developed authentication standards based on public key cryptography as a stronger and simpler alternative to passwords. The FIDO ecosystem now includes over 350 certified solutions that can protect over 3.5 billion user accounts worldwide. The document discusses the password problem and outlines how FIDO authentication works to provide both security and usability through standards-based, interoperable authentication.

The FIDO Alliance Today: Status and News

FIDO Alliance

FIDO Alliance: Year in Review Webinar slides from January 20 2016

FIDO Alliance

Tatyana-Arnaudova - English

Tatyana Arnaudova

Modern Authentication for a Connected World

FIDO Alliance

The document provides an agenda for the Cloud Identity Summit on June 19, 2017 hosted by the FIDO Alliance. The agenda includes presentations on FIDO specifications and updates, the use of FIDO for government requirements, case studies on FIDO and Facebook login and Google Security Keys, and a panel on FIDO authentication and IoT. The event would welcome attendees and feature presentations from the FIDO Alliance executive director, Microsoft, Venable LLP, Yubico, and Google before closing with a panel on FIDO and IoT.

Global Regulatory Landscape for Strong Authentication

FIDO Alliance

The document discusses how governments are increasingly prioritizing strong authentication and looking to standards like FIDO to provide more secure, usable and privacy-preserving authentication. It notes that the UK and US governments have highlighted FIDO and endorsed its ability to deliver improved security without passwords. The document also discusses how authentication is an area of regulatory focus due to compliance needs around privacy, security and access across domains like digital government, healthcare, payments and financial services. It argues that FIDO specifications address regulatory needs by providing nimble, configurable and cost-effective strong authentication.

Microsoft's Path to Passwordless - FIDO Authentication for Windows & Azure Ac...

FIDO Alliance

FIDO Masterclass

FIDO Alliance

Strong Customer Authentication & Biometrics

FIDO Alliance

FIDO: The Value of Certification

FIDO Alliance

This document discusses FIDO certification programs which provide standardized testing to validate that products meet specifications and are interoperable. It outlines different certification programs for authenticators, IoT devices, and digital identity. Functional certification tests conformance to specifications while interoperability testing validates implementability. Authenticator certification has three security levels which add increased security requirements and assurances. Certification provides benefits like regulatory compliance, consumer protection, and confidence in product quality.

Using FIDO Authenticator for IoT Devices

FIDO Alliance

The document discusses using FIDO authenticators for IoT devices. It presents eWBM's biometric external FIDO authenticator and its security features. Potential applications of FIDO authentication for IoT are then described, including for device authentication over LoRa networks, drone control, and public WiFi access. The use of a BLE FIDO authenticator for personalized smart speaker services is also proposed. The conclusion recommends slimming down the FIDO client for embedded systems and achieving at least Security Level 2 certification for IoT authenticators.

Market Study on Mobile Authentication

FIDO Alliance

The document discusses mobile authentication and the growing market for connected devices. It summarizes Nok Nok Labs' solutions for securely authenticating users and devices using biometrics on mobile phones. Nok Nok Labs has provided mobile authentication solutions for major companies in financial services, IoT security, and mobile carriers to replace passwords with stronger authentication methods. The document highlights case studies of deployments and strategic partnerships with companies seeking more secure authentication for their customers and devices.

FIDO & PSD2 – Achieving Strong Customer Authentication Compliance

FIDO Alliance

The Second Payment Services Directive (PSD2) and the associated Regulatory Technical Standards (RTS) on strong customer authentication and secure communication impose stringent requirements on multi-factor authentication and on the security of implementations. Payment Service Providers will want to know whether the authentication solutions they put in place conform to the RTS both in terms of functionality and security. The FIDO Alliance standards are based on multi-factor authentication and are a strong fit for PSD2 compliance. The FIDO Alliance’s certification program provides an independent evaluation of functional compliance to the standards as well as of the achieved level of security of FIDO authenticators. Featuring industry experts, this presentation explores how FIDO can resolve key issues, including: • How the FIDO standards conform to the RTS • How FIDO’s certification program guarantees this conformity • How FIDO’s certification program provides for the mandatory security evaluation imposed by the RTS

Google Case Study: Strong Authentication for Employees and Consumers

FIDO Alliance

With 50,000 employees and more than a billion users, security and privacy are of critical importance to the Internet giant, Google. Two years ago, they set out with the goal of improving authentication through stronger security, increasing user satisfaction and lowering support costs. In that time, Google deployed FIDO Certified ® security keys. A detailed analysis by this data-driven company has demonstrated clear confirmation of how well FIDO’s approach is suited to making stronger, simpler authentication for employees and consumers.

Consumer Authentication Trends in APAC

FIDO Alliance

Top5 protectiondomains infographic_final

Mary McEvoy Carroll

Designed to help mobile operators implement effective LTE security measures, this new info graphic from Stoke describes the threats, risks and remediation options for the top five domains of protection for LTE networks: 1) Device and application security 2) RAN-Core Border (the junction of the radio access network with the EPC or S1 link) 3) Policy and Charging Control (interface of EPC with visited LTE network) 4) Internet Border 5) IMS core

FIDO & The Mobile Network Operator - Goode Intelligence & Nok Nok Labs

Nok Nok Labs, Inc

The rise in mobile and cloud computing continue to drive the urgent need to rethink whether authentication is fit for purpose. The Mobile Network Operators (MNO) are well positioned to participate in this evolution, by enabling the secure storage of credentials within the SIM and delivering authentication-driven services to their business customers. These slides cover: - The respective roles of the FIDO Alliance, The Organization for the Advancement of Structured Information Standards (OASIS) and The OpenID Foundation; - GSMA’s Mobile Connect program which supports the use of mobile devices for authentication purposes; - The benefits of Nok Nok’s FIDO Ready™ technology for the MNO

Google FIDO Authentication Case Study

FIDO Alliance

What's hot (20)

Technical Principles of FIDO Authentication

Webinar: Securing IoT with FIDO Authentication

Introduction to the FIDO Alliance

The FIDO Alliance Today: Status and News

FIDO Alliance: Year in Review Webinar slides from January 20 2016

Tatyana-Arnaudova - English

Modern Authentication for a Connected World

Global Regulatory Landscape for Strong Authentication

Microsoft's Path to Passwordless - FIDO Authentication for Windows & Azure Ac...

FIDO Masterclass

Strong Customer Authentication & Biometrics

FIDO: The Value of Certification

Using FIDO Authenticator for IoT Devices

Market Study on Mobile Authentication

FIDO & PSD2 – Achieving Strong Customer Authentication Compliance

Google Case Study: Strong Authentication for Employees and Consumers

Consumer Authentication Trends in APAC

Top5 protectiondomains infographic_final

FIDO & The Mobile Network Operator - Goode Intelligence & Nok Nok Labs

Google FIDO Authentication Case Study

Similar to The Future is Flying Cars and Digital Driver's Licenses on Our Phones - Scott Vien

Smart OpenID & Mobile Network Security

Andreas Leicher

Mobile Connections – FIDO Alliance and GSMA Presentation

FIDO Alliance

The document discusses FIDO, an authentication framework that aims to replace passwords with stronger authentication methods using public key cryptography. It describes how FIDO works by registering and authenticating users via cryptographic keys on their devices rather than passwords. FIDO promises easier and more secure authentication through standards like U2F security keys and UAF biometric logins. The document outlines the growth of the FIDO Alliance and increasing adoption of FIDO in major companies, operating systems, and governments seeking more secure authentication alternatives to vulnerable passwords.

Cybersecurity Slides

Jim Kaplan CIA CFE

Organizations are increasingly looking to their Internal Auditors to provide independent assurance about cyber risks and the organization's ability to defend against cyber attacks. With information technology becoming an inherent critical success factor for every business and the emerging cyber threat landscape, every internal auditor needs to equip themselves on IT audit essentials and cyber issues. In part 12 of our Cyber Security Series you will learn about the current cyber risks and attack methods from Richard Cascarino, including: Where are we now and Where are we going? Current Cyberrisks • Data Breach and Cloud Misconfigurations • Insecure Application User Interface (API) • The growing impact of AI and ML • Malware Attack • Single factor passwords • Insider Threat • Shadow IT Systems • Crime, espionage and sabotage by rogue nation-states • IoT • CCPA and GDPR • Cyber attacks on utilities and public infrastructure • Shift in attack vectors

Overview of the OpenID Foundation's Mobile Profile of OpenID Connect MODRNA WG

Bjorn Hjelm

Assurity seminar 24 jan

Jason Kong

Smartphones are increasingly vulnerable targets for malware due to their constant internet connection and users' habits of installing applications. Common types of malware infect smartphones by tricking users into installing attractive but malicious applications or by exploiting vulnerabilities when users open emails and multimedia messages. The document discusses how hackers seek to compromise smartphones in order to steal sensitive personal and financial information.

SierraVMI Virtual Mobile Infrastructure (VMI). Android-based VDI.

Sierraware

case-study-on-digital-identity-swisscom-mobile-id_en

Alix Murphy

The document discusses Swisscom Mobile ID, a mobile authentication service launched by Swisscom in 2013. It provides strong authentication using PKI technology stored on the SIM card, allowing users to access multiple services and applications with a single login credential. The key to its success has been simplifying the user experience through a single sign-on and authentication rather than identification, and making the integration process easy for relying partners through a standardized interface. Within a few months, Mobile ID gained 25,000 users through this simplified user experience and Swisscom's focus on expanding the ecosystem of partners and services.

Embracing secure, scalable BYOD with Sencha and Centrify

Sumana Mehta

Scalable enterprise mobility solutions: How to give your employees tools they need without sacrificing user experience and security. Consumerization of IT and BYOD are here – and it’s a GOOD thing. Today's dynamic workplaces and hyper-competitive markets drive demand for more mobile productivity solutions. Nearly 70% of enterprise employees report making better decisions, being more productive and happier if they are allowed to use mobile devices and cloud-based tools. Yet, IT organizations often resist these trends because of cost and risk associated with multi-platform, multi-device ecosystem having access to corporate data and resources. In this webinar, product experts from Sencha and Centrify will help your organization embrace BYOD and SaaS in a cost-effective, scalable way. Sencha Space is an advanced platform for securely deploying mobile apps and delivering a consistent, elegant, mobile user experience to end-users. Users can launch any mobile web app, or HTML5 app in a secure, managed environment. Combining Space with secure, Active Directory- or Cloud-Based Identity and Access Management (IAM) from Centrify gives IT visibility and control over mobile platforms and SaaS / in-house apps while improving user experience and reducing security risk.

Mobilize your workforce with secure identity services

Sumana Mehta

Active Directory-Based Authentication for Mobile Apps Centrify partner program provides mobile application developers with a free, easy-to-deploy solution for integrating their apps with Active Directory and delivering 'Zero Sign-On' to enterprise users Centrify Mobile Authentication Services (MAS) and Software Developer Kit (SDK) delivers the first cloud-based solution that enables Active Directory-based authentication for mobile applications. With a simple, high-level API, developers can easily add Centrify's unique "zero sign-on" authentication and authorization services to their multi-tier applications, from the mobile device seamlessly through to their existing back-end infrastructure. Centrify's Mobile Authentication Service adds a critical capability not available in existing Mobile Device Management offerings, yet it is compatible with any existing MDM solution, including Centrify's mobile security management solution, to enable a comprehensive mobile security solution. http://www.centrify.com/mobile/mobile-authentication-services.asp

VMworld 2013: Android in the enterprise: Understand the challenges and how to...

VMworld

Passwordless Mobile Banking.pdf

KMSSolutionsMarketin

Apache Milagro Presentation at ApacheCon Europe 2016

Brian Spector

Apache Milagro (incubating) establishes a new internet security framework purpose-built for cloud-connected app-centric software and IoT devices that require Internet scale. Milagro's purpose is to provide a secure, free, and positive open source alternative to centralised and proprietary monolithic trust providers such as commercial certificate authorities and the certificate backed cryptosystems that rely on them. Milagro is an open source, pairing-based cryptographic platform that delivers solutions for device and end user authentication, secure communications and fintech / blockchain security; issues challenging Cloud Providers and their customers. It does this without the need for certificate authorities, putting into place a new category of service providers called Distributed Trust Authorities (D-TA®). Milagro's M-Pin® protocol, and its existing open-source MIRACL® implementation on which MILAGRO is built, is already in use by Experian, NTT, Ingram Micro, and Gov.UK and rolled out to perform at Internet scale for Zero Password® multi-factor authentication and certificate-less HTTPS / secure channel.

WSO2CON 2024 - IoT Needs CIAM: The Importance of Centralized IAM in a Growing...

WSO2

Symantec Code Signing (UK)

Symantec Website Security

Two trends make code signing more important than ever: the explosion of consumer applications for mobile and desktop devices and the proliferation of malware. Cybercriminals recognise this as an opportunity and seek to trick us into installing malicious software (malware). Mobile network providers and software publishers increasingly require code signing from a trusted Certificate Authority (CA) before accepting code for distribution. Find out how code signing can benefit your software in our whitepaper and SlideShare presentation.

A case for identities - Etisalat, George Held at TADSummit

Alan Quayle

FIDO® for Government & Enterprise - Presentation

FIDO Alliance

With FIDO 1.0 standards published in December, 2015, mainstream product adoption and service deployment has begun with more announcement planned for the RSA Security Conference 2015. This webinar will feature FIDO highlights from the conference and a discussion of how governments and enterprises are engaging with FIDO Alliance and the new wave of innovative authentication solutions FIDO standards enable, with a special focus on how the US Government is positioning FIDO within the context of NSTIC (National Strategy for Trusted Identities in Cyberspace).

IRJET- Technical Review of different Methods for Multi Factor Authentication

IRJET Journal

This document discusses various multi-factor authentication methods including smart cards, graphical passwords, risk assessment, mobile phone tokens, GPS location and timestamp, hand vein recognition, DNA recognition, and biometric authentication. It provides details on how each method works and evaluates factors like universality, uniqueness, collectability, performance and acceptability for multi-factor authentication. The document aims to review different technical approaches to implement multi-factor authentication for secure user identification.

Belgian mobile ID presents itsme

Belgian Mobile ID - itsme

This document discusses Belgian Mobile ID, a digital identity service provided by a consortium of Belgian banks and mobile network operators. It allows Belgian citizens to securely sign up, log in, confirm, and sign transactions and documents online using their mobile phone. The service provides a unique, secure mobile identity for each user while respecting privacy and security guidelines. It uses a combination of software and secure hardware elements in users' SIM cards to authenticate users without needing to swap SIMs. The service aims to become the Belgian standard for digital identity and has a wide range of applications in areas like e-government, finance, healthcare, and more.

Cut BYOD Costs Using Virtual Mobile Infrastructure - VMI

Sierraware

FIDO in Government

FIDO Alliance

Similar to The Future is Flying Cars and Digital Driver's Licenses on Our Phones - Scott Vien (20)

Smart OpenID & Mobile Network Security

Mobile Connections – FIDO Alliance and GSMA Presentation

Cybersecurity Slides

Overview of the OpenID Foundation's Mobile Profile of OpenID Connect MODRNA WG

Assurity seminar 24 jan

SierraVMI Virtual Mobile Infrastructure (VMI). Android-based VDI.

case-study-on-digital-identity-swisscom-mobile-id_en

Embracing secure, scalable BYOD with Sencha and Centrify

Mobilize your workforce with secure identity services

VMworld 2013: Android in the enterprise: Understand the challenges and how to...

Passwordless Mobile Banking.pdf

Apache Milagro Presentation at ApacheCon Europe 2016

WSO2CON 2024 - IoT Needs CIAM: The Importance of Centralized IAM in a Growing...

Symantec Code Signing (UK)

A case for identities - Etisalat, George Held at TADSummit

FIDO® for Government & Enterprise - Presentation

IRJET- Technical Review of different Methods for Multi Factor Authentication

Belgian mobile ID presents itsme

Cut BYOD Costs Using Virtual Mobile Infrastructure - VMI

FIDO in Government

More from IdentityNorthEvents

IdentityNORTH Annual Summit 2020 - Summit Summary

IdentityNorthEvents

The document summarizes the IdentityNORTH Annual Summit 2020, which was held virtually over two days in June 2020 due to the COVID-19 pandemic. Some of the key highlights from the summit included: - The summit had over 500 attendees from across sectors and levels of seniority, with a focus on digital identity, privacy, and data protection. - Speakers discussed how the pandemic highlighted the importance of digital identity and access management solutions to enable industries and experiences to move online. - Both the public and private sectors agreed that Canadian-wide digital identity standards could improve government service delivery and the citizen experience. - Presenters emphasized the need for regulations and policies to evolve with technology to better protect Canadians and maintain trust

Webinar: Making the Move from Legacy IAM to Modern Digital Identity – On Your...

IdentityNorthEvents

Update from the Province of Nova Scotia - Arlene Williams

IdentityNorthEvents

Digital Identity in Nova Scotia aims to make it easier for citizens to access services online through a digital identity platform. The strategy involves building common platforms across government for identity verification that are cheaper and provide a consistent user experience. A discovery process found that people are willing to share information to verify their identity digitally with government as long as privacy is ensured. The next steps are continuing to improve the digital identity platform, onboard more services, and conduct a review to leverage existing identity data sources for verification while ensuring proper legal authority and privacy protections.

Delivering Imperatives of Modern Organizations Such As Cybersecurity and Open...

IdentityNorthEvents

Update from the Province of Prince Edward Island - Laura Stanford

IdentityNorthEvents

This document outlines Prince Edward Island's digital government vision and strategy. It discusses establishing digital identity and design standards, conducting legislative reviews, and implementing new technologies like an enterprise integration platform. The goals are to modernize government services, make them more accessible digitally to citizens, and center programs and policies around people's needs. Key activities include business process redesign pilots, a service design playbook, digital skills training, and establishing governance for digital identity and standards.

Digitizing Healthcare Identity - Lessons Learned - Brenan Isabelle

IdentityNorthEvents

This document summarizes a presentation about lessons learned from a proof of concept project digitizing healthcare delivery using blockchain identity technology. The project involved integrating the identity verification platform OARO into the systems of a large multinational health insurer and provider to streamline patient onboarding and authentication. Benefits achieved included reduced onboarding times, improved data accuracy, and increased digital customer rates. Challenges addressed identity, privacy and integrating disparate healthcare systems.

Modernizing Identity Access Management Platforms - Dale Kinney & Damian Flannery

IdentityNorthEvents

The document discusses modernizing identity and access management platforms by augmenting, coexisting with, and migrating from legacy systems using ForgeRock's identity platform. It outlines challenges with legacy tech, the need for context beyond just identity, and how ForgeRock's solution can help simplify deployment, improve security, scale to millions of users, and extend to cloud and other environments. The City of Richmond case study is provided as an example of increasing productivity by consolidating siloed data and identities onto ForgeRock's single platform.

Reviewing the Updated Canadian Money Laundering Regulations - Gene DiMira

IdentityNorthEvents

The document summarizes a workshop on updated Canadian anti-money laundering regulations and digital identification. Recent changes to the regulations now permit the use of government IDs and credit bureau methods for identity verification. This expands options for non-face-to-face identity capture. The digital identity community can help financial institutions comply by providing a directory of innovative ID technologies. Additionally, the FATF is drafting global guidance on digital ID to be released in 2020 to establish international standards.

The Evolution of Canada’s Digital Trust Framework - Joni Brennan

IdentityNorthEvents

The document discusses Canada's journey to establishing a digital trust framework to protect personal data while enabling public and private sector data sharing. It argues that Canadians should know what data exists about them and that citizens, governments, and businesses need tools to manage how identity data is shared. It promotes the Digital ID & Authentication Council of Canada (DIACC) as an organization working to co-create industry standards for digital identity management and data sharing in Canada.

Advertising in The Age of Digital Identity - Azadeh Dindayal

IdentityNorthEvents

This document discusses advertising in the age of digital identity and data. It notes that fragments of people's digital identities are scattered online through their social media activity, interests, surveys and mobile app usage. This data is used by over 5,000 marketing technology companies to power personalized advertising. However, issues exist like ads being seen too many times, meant for other users, and privacy concerns. 59% of ad operations professionals say it's difficult to track down fraudulent actors. The document advocates for more governable, user-centric digital ecosystems with consent over data sharing, access to services through open standards, and secure transactions to build greater digital trust between advertisers and users.

Role of the Standards Council of Canada in Emerging Tech like Digital Identit...

IdentityNorthEvents

More from IdentityNorthEvents (11)