In just over one year, the FIDO Certified Program has tested and certified more than 200 implementations of the FIDO specifications. There is strong interest and momentum in the market for FIDO Certified products — including FIDO’s new BLE certification, which for the first time brings FIDO technology to wearables and other emerging form factors. These slides include information about: - An overview of the program, including updates on newly available certification methodologies, - Some of the latest and greatest FIDO Certified solutions on the marketplace, and gain an understanding of how products get started through the FIDO Certification process, and also will understand the benefits of deploying FIDO Certified authentication solutions.

1. FIDO CERTIFICATION:
VALIDATING THE NEXT GENERATION OF
STRONGER, SIMPLER AUTHENTICATION
Steve Wilson, Ramesh Kesanupalli, Adam Powers
All Rights Reserved | FIDO Alliance | Copyright 2016

2. Agenda
• Welcome
• The Importance of Interoperability
• FIDO Certification Program Overview
• Highlights from Year One
• What’s New with the Program
• Implementation Highlights
• Getting Certified
• Q & A
2All Rights Reserved | FIDO Alliance | Copyright 2016

3. The Importance of Interoperability
3All Rights Reserved | FIDO Alliance | Copyright 2016
STEVE WILSON
Vice President and Principal Analyst,
Constellation Research

4. Physical-to-digital identity
User Management
Authentication
Federation
Single
Sign-On
Passwords Risk-BasedStrong
MODERN
AUTHENTICATION
FIDO Scope

5. PROGRAM OVERVIEW
Ramesh Kesanupalli, FIDO Visionary & Founder Nok Nok Labs
5All Rights Reserved | FIDO Alliance | Copyright 2016

6. Certification Goals
• Enable implementations to be identified as
officially FIDO certified
• Ensure interoperability between FIDO
officially recognized implementations
• Promote the adoption of the FIDO
ecosystem
6All Rights Reserved | FIDO Alliance | Copyright 2016

7. Certification Overview
• Available to both members and non-members
• Four steps to certification
7All Rights Reserved | FIDO Alliance | Copyright 2016

8. 8All Rights Reserved | FIDO Alliance | Copyright 2016
Deployments are enabled by
150+ 200+ FIDO® Certified products
available today

9. 9All Rights Reserved | FIDO Alliance | Copyright 2016

10. Certification Growth
10All Rights Reserved | FIDO Alliance | Copyright 2016
151
62
32
62
74
108
159
213
Apr-15 Jul-15 Sep-15 Dec-15 Mar-16 May-16
TOTAL

11. OEMs Now Shipping FIDO Certified Devices
S5, Mini Alpha Note 4,5 Note Edge Tab S,
Tab S2
S6,
S6 Edge
S7,
S7 Edge
Vernee
Thor
Aquos Zeta
Xperia Z5 Xperia Z5
Compact
Xperia Z5
Premium
Mate 8
V10 G5
Phab2
Pro
Phab2
Plus
Z2, Z2 ProArrows
NX
Arrows
Fit
Arrows
Tab
All Rights Reserved | FIDO Alliance | Copyright 2016

12. FIDO Applications Now Run on iOS 9
12All Rights Reserved | FIDO Alliance | Copyright 2016
iPhone 5s iPhone 6, 6+
iPad Air 2, Mini 3
iPhone 6s, 6s+
iPad Mini 4 iPad Pro
Supported iOS Fingerprint Devices

13. WHAT’S NEW WITH THE
CERTIFICATION PROGRAM
Adam Powers, Director of Technology, FIDO Alliance
13All Rights Reserved | FIDO Alliance | Copyright 2016

14. BLE
• 2014: USB
• 2015: NFC
• 2016: BLE
• Bluetooth Smart authenticators, based on new U2F BLE specification
• One-click authentication
• U2F support for iOS
14
+
All Rights Reserved | FIDO Alliance | Copyright 2016

15. On Demand Testing Overview
On
Demand
Testing
Virtual
Shipped
In-
Person
Confidential
FIDO Alliance | Confidential | All Rights Reserved | Copyright 2016 15
• Existing Process – Interop Testing
• Interop every 90 days
• Plan ahead! May impact product schedules…
• New Process – On Demand Testing
• Pick your testing date from a calendar
• Servers: remote / virtual testing
• Authenticators: ship device or in-person testing
• Convenience and fast turn-around

16. Upcoming Certification Programs
• Security Certification
• Third-party lab security testing
• Ensure authenticators are secure against at-scale and
targeted attacks
• Biometric Certification
• Biometric neutral third-party biometric testing
• Ensure levels of False Accept Rate (FAR) and resistance to
predefined presentation attacks
• New Specification Releases
• Stay tuned for more details…
16All Rights Reserved | FIDO Alliance | Copyright 2016

17. IMPLEMENTATION HIGHLIGHTS
17All Rights Reserved | FIDO Alliance | Copyright 2016

18. Korean Market Growth
• Most markets seeing
healthy growth…
• Huge spike in Korean
certifications in 2016
18All Rights Reserved | FIDO Alliance | Copyright 2016
3
16
55
73
Sept-15 Dec-15 Mar-16 May-16

19. BLE & NFC
All Rights Reserved | FIDO Alliance | Copyright 2016

20. BLE / NFC Implementations
21All Rights Reserved | FIDO Alliance | Copyright 2016

21. Cool Authentication
22
Voice + FacePalm Recognition
Iris Recognition PIN + Mini jack
All Rights Reserved | FIDO Alliance | Copyright 2016

22. TIPS FOR RELYING PARTIES
23All Rights Reserved | FIDO Alliance | Copyright 2016

23. Key Considerations
• FIDO® Certified
• Out-of-the-box interoperability
• Broad ecosystem of authenticators and devices
• Open Source Implementations
• Exist for both UAF and U2F
• Great for prototyping and small deployments
• Include FIDO in your RFP
• The simple way to ask for secure authentication
24All Rights Reserved | FIDO Alliance | Copyright 2016

24. Deploying: Authentication
25
phone / app
FIDO Client
FIDO
Authenticator(s)
Web
Server
Relying Party Applications
FIDO Components
FIDO Client API
All Rights Reserved | FIDO Alliance | Copyright 2016

25. Deploying: Second Factor
Original DB
Original Database
user_id Password#
JohnDoe
4^hfd;`gpo
U2F Database
U2F DB
Relation
Relying Party
user_id Meta U2F Data
JohnDoe
Yubico, Security
Key, USB
key handle, public
key, certificate
JohnDoe
Yubico, YubiKey
NEO, USB + NFC
key handle, public
key, certificate
John Doe Yubico, Mobile app
key handle, public
key, certificatediagram provided by:
• Average time to integrate: < 1
week
• Stats from Google Deployment:
• 4x faster login
• Significant fraud reduction
• 40% support reduction
All Rights Reserved | FIDO Alliance | Copyright 2016

26. TIPS FOR PRODUCT IMPLEMENTERS
27All Rights Reserved | FIDO Alliance | Copyright 2016

27. The Value of Ecosystem
28All Rights Reserved | FIDO Alliance | Copyright 2016

28. The Value of Certification
29All Rights Reserved | FIDO Alliance | Copyright 2016
Higher Quality
Deployment Ready
Interoperability
Market Ready

29. Getting the Most from Certification
• Remember to use your FIDO Certified logo!
• Tradeshows, websites, product briefs, etc.
• Being a member has its privileges
• Connect with RPs at plenaries, networking events, etc.
• Certification discounts
• Early access to specifications = first mover advantage
30All Rights Reserved | FIDO Alliance | Copyright 2016

30. Getting Started
• Register for Self-Conformance Test Tool Access : https://fidoalliance.org/test-tool-
access-request/
• For UAF, you will need to complete both automated and manual testing
• UAF Authenticators only will need a Vendor ID: http://fidoalliance.org/vendor-id-request/
• Complete Self-Conformance Testing at least two weeks prior to interoperability event.
• Elect to Participate in Pre-Testing in the two weeks prior to the interoperability event
(recommended)
• Register for the next interoperability event to be held in Korea :
https://fidoalliance.org/interop-registration/
• Next Interoperability Event Host: CrucialTec (Korea)
• August 30 – 31, 2016: UAF
• September 1, 2016: U2F
31All Rights Reserved | FIDO Alliance | Copyright 2016

31. Next Steps
32All Rights Reserved | FIDO Alliance | Copyright 2016
https://fidoalliance.org/certification/

32. QUESTIONS?
33All Rights Reserved | FIDO Alliance | Copyright 2016