The FIDO Alliance's goal is for the whole world to move away from usernames, passwords, and traditional MFA to a simpler and stronger way to log in with FIDO! Here's a look at the past year’s progress and what's happening next.
Passwords are archaic, and a danger to enterprise security. Now the accepted standard for multi-factor authentication (MFA), FIDO Authentication can be deployed in the enterprise for easier and secure access to corporate networks, applications, and workstations. Organizations that adopt FIDO will experience profound improvements in security, helpdesk costs, user experience, and productivity. But where to start? Attend this webinar to learn about considerations for deploying FIDO in the enterprise, including how to gradually roll out FIDO authentication and select the right authenticators and the right server policies for the right use cases. This webinar will provide essential education for any organization that wants to get started on eliminating passwords and securing the simple act of logging on within their company.
IDC estimates that there will be 41.6 billion connected IoT devices by 2025, opening up opportunities for increased efficiencies and innovation across industries. Yet, lack of IoT security standards and typical processes such as shipping with default password credentials and manual onboarding leave devices, and the networks they operate on, open to large-scale attack. Last summer, the FIDO Alliance announced a new standards initiative to tackle these security issues in IoT. The Alliance’s IoT Technical Working Group aims to provide a comprehensive authentication framework for IoT devices in keeping with the fundamental mission of the Alliance – passwordless authentication. These webinar slides provide an update on this new work area, including:
--How FIDO Authentication and existing specifications fit into the IoT ecosystem today
--The charter and goals of the IoT TWG, including development of specifications for IoT device attestation/authentication profiles to enable interoperability between service providers and IoT devices; automated onboarding, and binding of applications and/or users to IoT devices; and IoT device authentication and provisioning via smart routers and IoT hubs
--The progress of the working group to date, including the use case and target architectures the IoT TWG is looking at as a foundation for its specifications and certification program
Eleanor Weaver and Simon Fellows presented on Darktrace, an artificial intelligence cybersecurity company that provides self-learning cyber defense systems. Darktrace's systems can passively learn normal operations without maintenance and detect threats across OT, IT, and IoT networks. The systems are protocol and technology agnostic, providing full visibility without needing to understand individual network configurations or protocols. Traditional security approaches like baselining lack context to distinguish normal operations from attacks and cannot detect existing compromises. Darktrace uses case studies to demonstrate how its systems have detected complex ransomware infections and external reconnaissance efforts on critical infrastructure networks.
The document discusses using FIDO authenticators for IoT devices. It presents eWBM's biometric external FIDO authenticator and its security features. Potential applications of FIDO authentication for IoT are then described, including for device authentication over LoRa networks, drone control, and public WiFi access. The use of a BLE FIDO authenticator for personalized smart speaker services is also proposed. The conclusion recommends slimming down the FIDO client for embedded systems and achieving at least Security Level 2 certification for IoT authenticators.
A detailed, technical look at the FIDO specifications including the use cases, registration, authentication and fundamentals of FIDO.
This document summarizes LINE's deployment of FIDO2 authentication for its LINE Pay service. It discusses how passwords are insecure and the root of many breaches. FIDO2 provides a stronger alternative using public/private key attestation and is designed to be privacy-preserving. LINE joined the FIDO Alliance in 2017 and certified its universal server in 2018. It has implemented FIDO2 authentication flows for iOS using Touch ID/Face ID and for Android. Future plans include expanding FIDO2 to more financial services and LINE applications to encourage password-less authentication.
The document discusses modern authentication and Nok Nok Labs' role in pioneering this area. It notes that Nok Nok Labs invented modern authentication, founded and led the FIDO Alliance, and has deployed authentication solutions for major markets. The document promotes the benefits of leveraging modern authentication, such as improved customer experience, higher retention and satisfaction, and reduced fraud and costs. It argues that authentication, security, and privacy will be vital for society with the rise of cloud services, IoT, and other technologies.
A detailed look at FIDO Authentication, how FIDO works, FIDO & federation, attestation and metadata, and more.
This document summarizes case studies of two companies, Intuit and T-Mobile, deploying passwordless authentication using Nok Nok's FIDO solution. Intuit wanted to improve security while providing a seamless customer experience on mobile and web. Their implementation of Nok Nok's FIDO reduced authentication failures from 20-15% to under 1% and cut authentication time by 20%. T-Mobile aimed to reduce password pains and increase confidence in the right user accessing accounts. Their rollout of Nok Nok's FIDO cut password resets by 65% and saw 50% adoption in the first 5 months. Both companies were able to successfully deploy modern, standards-based passwordless authentication improving the customer experience
This presentation details the FIDO Alliance Certification Program - including an overview of the programs, process and the value of certification for both vendors and relying parties.
This document discusses FIDO certification programs which provide standardized testing to validate that products meet specifications and are interoperable. It outlines different certification programs for authenticators, IoT devices, and digital identity. Functional certification tests conformance to specifications while interoperability testing validates implementability. Authenticator certification has three security levels which add increased security requirements and assurances. Certification provides benefits like regulatory compliance, consumer protection, and confidence in product quality.
The document discusses U2F (Universal 2nd Factor) authentication. It describes the FIDO Alliance, an organization that aims to develop open authentication standards to replace passwords. The FIDO Alliance has two specifications, UAF and U2F, that allow websites to interface with a variety of security devices. U2F provides a simple and secure authentication method where the user inserts and presses a button on their security key device for authentication across multiple services. This method is resistant to phishing and man-in-the-middle attacks since each device has unique cryptographic keys.
This document discusses the FIDO Alliance's approach to privacy in authentication. It outlines the history of privacy by design principles and how FIDO implemented them. Key points include that FIDO aims to keep user verification and biometric data local to the authenticator, prevents linkability between accounts, and allows de-registration at any time in accordance with privacy principles. The document also maps FIDO's approach to relevant regulatory requirements around privacy.
A look at the FIDO Certification program, including functional, authenticator and biometric certification; the value of certification for relying parties and vendors; and how to get started.
The FIDO Alliance invites you to learn how to simplify strong authentication for web services. This presentation was part of our FIDO Alliance Seminar in Tokyo, Japan, in November, 2015.
Learn how FIDO-based authentication can complement federated authentication - and why they are better together. The FIDO Alliance invites you to learn how to simplify strong authentication for web services. FIDO specifications can help all organizations, especially service providers who want to scale these features for consumer services over the web. Essentially, FIDO offers a simple, low-cost way to improve security and the online experience.
This document discusses the growing adoption of FIDO authentication standards for passwordless, phishing-resistant multi-factor authentication. It predicts that in 2022, enterprise passwordless deployments will grow rapidly as mobile platforms provide consumer-ready solutions at scale. The document outlines how FIDO specifications offer simpler and stronger authentication using public key cryptography backed by major technology companies. It notes that over 5 billion devices now support FIDO and more than 150 million people are using passwordless methods each month. Government policies are evolving to recognize FIDO authentication as the preferred choice and gold standard for phishing-resistant multi-factor authentication.
The document discusses FIDO Alliance's efforts to create simpler and stronger authentication standards to replace passwords. It provides an overview of FIDO authentication, including how it works, adoption rates, and certification programs. It also summarizes the Alliance's work in identity verification, binding, and FIDO Device Onboarding to fill gaps and further the passwordless vision.
This document provides a summary of a presentation on passwordless authentication and the role of the FIDO Alliance. It begins with statistics showing the increasing costs and impacts of cyberattacks targeting financial services. The presentation then discusses predictions that phishing attacks and MFA bypass attacks will continue to grow. However, it also predicts that enterprise passwordless deployments and consumer-ready solutions will increase rapidly. The rest of the presentation focuses on the FIDO Alliance's work to develop open standards for simpler and stronger authentication using public key cryptography and possession-based credentials like "passkeys." It discusses growing browser, platform and government support for FIDO and the Alliance's initiatives to further improve usability while maintaining security, such as new guidelines
This document provides a summary of a presentation on passwordless authentication and the role of the FIDO Alliance. It begins with statistics showing the high costs of cyberattacks for financial institutions and the importance of security for consumer trust. The presentation then discusses predictions that phishing attacks and MFA bypass attacks will rise in 2022-2023. It outlines how FIDO authentication works using public key cryptography during a single user gesture to securely authenticate users. The presentation notes growing support from browsers, operating systems, governments, and global companies and outlines the FIDO Alliance's focus on improving usability while maintaining security, such as through new multi-device credential standards. It predicts these solutions will help address credential-based attacks and enable
The FIDO Alliance has launched a new microsite, LoginWithFIDO.com, for high level, non-technical information about FIDO for consumers and service providers. As part of this project, we wanted to learn more about consumer attitudes and habits around authentication. What are their password habits? What do they think about the FIDO approach? Do they want to see FIDO at login? To find out, we conducted a survey of 1,000 U.S. consumers – the results of which were shared on this webinar. These slides include the findings from our research and how you may be able to utilize the data for your own FIDO offerings and/or deployments. This webinar includes:
--How many different passwords consumers really use for their online accounts
--What tactics they use for password management and how often they are resetting passwords
--Their familiarity with various types of authentication technologies including SMS OTPs, biometrics and others
--The types of apps and services where consumers most want to use FIDO
--How consumers want to be communicated with about FIDO at enrollment and login
We also gave the audience a detailed look at LoginWithFIDO.com and how you can consider using it for your own educational initiatives around FIDO. You’ll learn:
--How to navigate through the microsite and its two landing pages
--How you can reference the site and its materials for your own offerings and deployments
--Added insights into how to utilize FIDO’s consumer-facing marks