SlideShare a Scribd company logo

FIDO Certification Program Updates

FIDO Alliance
FIDO Alliance

FIDO’s certification programs are a critical element in ensuring an interoperable ecosystem of products and services that organizations can leverage to deploy FIDO Authentication solutions worldwide. FIDO manages functional certification programs for its core specifications (UAF, U2F and FIDO2) to ensure product interoperability, and more recently has introduced programs to delineate security capabilities of FIDO Certified Authenticators, and also to test and validate the efficacy of biometric components. These slides explain how to: - Learn how to take part in the FIDO Certified program and/or what to consider when licensing FIDO Certified solutions - Understand how FIDO’s new biometric certification program (a first of its kind in the industry) will help inform the marketplace on the accuracy of various biometric authentication components - See how FIDO’s Certified Authenticator Levels will help deploying organizations specify and support specific security capabilities and requirements for their end users

Technology
1 of 30
Download to read offline
All Rights Reserved | FIDO Alliance | Copyright 2018 FIDO Certified Program Updates Authenticators, Biometrics & FIDO2
All Rights Reserved | FIDO Alliance | Copyright 2018 2 Agenda • The Value of FIDO Certification + Program Updates • FIDO Authenticator Certification Program • FIDO Biometric Certification Program • Getting Started with Your Certification • Q & A
All Rights Reserved | FIDO Alliance | Copyright 20183 CERTIFICATION GOALS • Enable implementations to be identified as officially FIDO certified • Ensure interoperability between FIDO officially recognized implementations • Promote the adoption of the FIDO ecosystem • Provide RPs with the ability to assess performance requirements for user authenticators • Provide the industry at large with a testing baseline for biometric component performance
All Rights Reserved | FIDO Alliance | Copyright 20184 FIDO CERTIFIED ECOSYSTEM (SAMPLE) PHONES & PCs 475 FIDO Certified Implementations Today SECURITY KEYS CLOUD/SERVER SOLUTIONS
All Rights Reserved | FIDO Alliance | Copyright 20185 LATEST CERTIFICATION UPDATES • Formal FIDO2 Interop occurred 20-23 August 2018 • Authenticator Certification Program Level 3 and 3+ • Utilizes the Companion Program for Certification • Biometric Certification Program • False Accept Rate • False Reject Rate • Presentation Attack Detection
6 AGENDA • The Value of FIDO Certification + Program Updates • FIDO Authenticator Certification Program • FIDO Biometric Certification Program • Getting Started with Your Certification • Q & A
All Rights Reserved | FIDO Alliance | Copyright 20187 FIDO AUTHENTICATOR CERTIFICATION • The FIDO Authenticator Certification Program validates that Authenticators conform to the FIDO specifications (UAF/U2F/FIDO2) and allows vendors to certify the security characteristics of their implementations • After completing certification, vendors may use the FIDO logo on their products
All Rights Reserved | FIDO Alliance | Copyright 20188 LEVELS PICTORIAL NOTE: For Authenticators that use a biometric the Biometric Certification is required at L2+ and higher.
All Rights Reserved | FIDO Alliance | Copyright 20189 EXAMPLES
All Rights Reserved | FIDO Alliance | Copyright 201810 SECURITY EVALUATION Level 3rd Party Lab Work Required Evaluation Style L1 None – evaluation is solely by FIDO Alliance Security Secretariat • System design review L1+ (preliminary) Vendor must hire a FIDO-approved lab • System design review • Code review • SW penetration test / attack potential calculation L2 Vendor must hire a FIDO-approved lab • System design review L2+ (preliminary) Vendor must hire a FIDO-approved lab1 • System design review • Code review • SW penetration test / attack potential calculation L3 Vendor must hire a FIDO-approved lab1 • System design review • Code review • HW penetration test / attack potential calculation L3+ Vendor must hire a FIDO-approved lab1 • System design review • Code review • HW penetration test / attack potential calculation 1 At level L2+ and higher, it should usually be the case that the platform HW and SW have already been certified and the FIDO vendor will only need to certify the FIDO-specific requirements (e.g. the authenticator is running on an already-certified TEE, Secure Element…)
All Rights Reserved | FIDO Alliance | Copyright 201811 NEW COMPANION PROGRAM • Companion Programs are independent testing programs which FIDO partners with to lessen the certification burden • Example: Common Criteria or ISO/IEC 15408 • The vendor uses a FIDO created mapping document that maps program requirements from companion program to FIDO security requirements • The authenticator is evaluated on the delta requirements only • Companion Programs are currently required for Authenticator Security levels 3 and 3+ More information can be found on the FIDO Alliance website: https://fidoalliance.org/fido-authenticator-certification-companion- program/
FIDO Alliance | All Rights Reserved | Copyright 201812 CHANGES AFTER INITIAL CERTIFICATION Delta Certification is a process to verify that a Certified implementation still meets requirements for the following cases: • Product upgrades • Version upgrade • Level downgrades • Security vulnerability • Post suspension
All Rights Reserved | FIDO Alliance | Copyright 201813 CHANGES AFTER INITIAL CERTIFICATION Derivative Certification: • Products or services that rely upon existing Certified implementations for conformance with FIDO specifications • A Derivative implementation may not modify, expand, or remove FIDO functionality from the Certified implementation on which it is based
14 AGENDA • The Value of FIDO Certification + Program Updates • FIDO Authenticator Certification Program • FIDO Biometric Certification Program • Getting Started with Your Certification • Q & A
FIDO Alliance | All Rights Reserved | Copyright 201815 FIDO CERTIFICATION PURPOSE The FIDO Biometric Certification Program is intended to certify biometric components and/or subsystems and is independent from Authenticator Certification Program
All Rights Reserved | FIDO Alliance | Copyright 201816 TESTING STEP 1: BIOMETRIC SUBCOMPONENT
FIDO Alliance | All Rights Reserved | Copyright 201817 ALLOWED INTEGRATION DOCUMENT • Developed by vendor and submitted to lab • Used to document changes necessary to accommodate integration with authenticator • Must include explanation of possible software and hardware changes
All Rights Reserved | FIDO Alliance | Copyright 201818 TESTING STEP 2: AUTHENTICATOR
All Rights Reserved | FIDO Alliance | Copyright 201819 AUTHENTICATOR CERTIFICATION Using a Certified Biometric Subcomponent: • Optional for Authenticators using a Biometric at L1-L2. • The Security Requirements enforce Biometric Certification of the biometric at L3 and higher when a biometric is used in the authenticator. • Once L2+ is finalized Biometric Certification will also be required • Results in a “FIDO Certified” Authenticator
FIDO Alliance | All Rights Reserved | Copyright 201820 BIOMETRIC DEFINITIONS • False Accept Rate (FAR): The proportion of verification transactions with wrongful claims of identity that are incorrectly confirmed • False Reject Rate (FRR): The proportion of verification transactions with truthful claims of identity that are incorrectly denied • Impostor Attack Presentation Match Rate (IAPMR): Proportion of presentation attacks in which the target reference is matched
FIDO Alliance | All Rights Reserved | Copyright 201821 BIOMETRIC PERFORMANCE LEVELS • Biometric Requirements: • False Accept Rate (FAR): SHALL meet the requirement of less than 1:10,000 for the upper bound of a 80% confidence interval. FAR is measured at the transaction level. • False Reject Rate (FRR): SHALL meet the requirement of less than 3:100 for the upper bound of a 80% confidence interval. FRR is measured at the transaction level. • Presentation Attack Detection: SHALL be performed by the FIDO-accredited independent testing laboratory on the TOE provided by vendor. The evaluation measures the Impostor Attack Presentation Match Rate for each presentation attack type, as defined in ISO 30107 Part 3. NOTE: FIDO-accredited independent testing laboratory performs live subject scenario testing on the TOE provided by vendor using a combination of on-line/off-line testing, as well as presentation attack testing, based on ISO 19795-1 and ISO 30107-3.
FIDO Alliance | All Rights Reserved | Copyright 201822 SELF-ATTESTATION - OPTIONAL • Biometric Requirements: • False Accept Rate (FAR): The vendor SHALL attest to an FAR of [1:25,000 or 1:50,000 or 1:75,000 or 1:100,000] at an FRR of 3% or less. • False Reject Rate (FRR): The vendor SHALL attest to an FRR at no greater than 3% as measured when determining the self-attested FAR. In other words, self attestation for FRR is only possible when self attesting for FAR. NOTE: Self-attestation for FAR and FRR shall be supported by test data and documented in a report submitted to lab from vendor.
23 AGENDA • The Value of FIDO Certification + Program Updates • FIDO Authenticator Certification Program • FIDO Biometric Certification Program • Getting Started with Your Certification • Q & A
FIDO Alliance | All Rights Reserved | Copyright 201824 ROLES AND RESPONSIBILITIES Working Groups Secretariats Security Review Team Certification Trouble Shooting Accredited Labs Vendors Partner Programs OEMs
All Rights Reserved | FIDO Alliance | Copyright 201625 GETTING STARTED: FUNCTIONAL CERTIFICATION Register for Self-Conformance Test Tool Access : https://fidoalliance.org/test-tool-access-request/ • For UAF, you will need to complete both automated and manual testing • UAF Authenticators only will need a Vendor ID: http://fidoalliance.org/vendor-id-request/ Complete Self-Conformance Testing at least two weeks prior to interoperability event. Elect to Participate in Pre-Testing in the two weeks prior to the interoperability event (recommended) Register for and attend the next interoperability event: https://fidoalliance.org/interop-registration/ Next Interoperability Event Host: Seoul, S. Korea, 12-15 November 2018 (Location TBD). Registration opening soon.
All Rights Reserved | FIDO Alliance | Copyright 201826 INTEROP TESTING OVERVIEW • Existing Process – Interop Testing • Interop every 90 days • Plan ahead! May impact product schedules… • New Process – On Demand Testing • Pick your testing date from a calendar • Servers: remote / virtual testing • Authenticators: ship device or in-person testing • Convenience and fast turn-around On Demand Testing Virtual Shipped In-Person
Functional Testing Security Evaluation Certification Issuance Trademark Licensing Agreement Metadata Submission 27 CERTIFICATION PROCESS OVERVIEW FIDO Alliance | All Rights Reserved | Copyright 2018
All Rights Reserved | FIDO Alliance | Copyright 201828 GETTING STARTED – BIOMETRIC CERTIFICATION Apply for Biometric component certification • Request an account: https://fidoalliance.org/certification/certification- account-request/ Select an Accredited Biometric Lab and agree to terms for testing • Biometric Accredited Lab list: https://fidoalliance.org/fido-accredited-biometric-laboratories/
Biometric Testing Laboratory Report Certification Request Certification Issuance (recommended) Authenticator Certification FIDO Alliance | All Rights Reserved | Copyright 201829 CERTIFICATION PROCESS OVERVIEW
All Rights Reserved | FIDO Alliance | Copyright 201830 Connect with FIDO fidoalliance.org

Recommended

Solving the IoT Challenge
Solving the IoT ChallengeSolving the IoT Challenge
Solving the IoT ChallengeFIDO Alliance
 
FIDO: The Value of Certification
FIDO: The Value of CertificationFIDO: The Value of Certification
FIDO: The Value of CertificationFIDO Alliance
 
Fido Security Key
Fido Security KeyFido Security Key
Fido Security KeyGoTrust ID
 
FIDO in Action: Real World Development Case Studies
FIDO in Action: Real World Development Case StudiesFIDO in Action: Real World Development Case Studies
FIDO in Action: Real World Development Case StudiesFIDO Alliance
 
Ask FIDO About Anything: Certification
Ask FIDO About Anything: CertificationAsk FIDO About Anything: Certification
Ask FIDO About Anything: CertificationFIDO Alliance
 
The Value of FIDO Certification
The Value of FIDO CertificationThe Value of FIDO Certification
The Value of FIDO CertificationFIDO Alliance
 
FIDO Certified Program: The Value of Certification
FIDO Certified Program: The Value of Certification FIDO Certified Program: The Value of Certification
FIDO Certified Program: The Value of Certification FIDO Alliance
 
FIDO Biometric Certification Program
FIDO Biometric Certification ProgramFIDO Biometric Certification Program
FIDO Biometric Certification ProgramFIDO Alliance
 

Recommended

Solving the IoT Challenge
Solving the IoT ChallengeSolving the IoT Challenge
Solving the IoT ChallengeFIDO Alliance
 
FIDO: The Value of Certification
FIDO: The Value of CertificationFIDO: The Value of Certification
FIDO: The Value of CertificationFIDO Alliance
 
Fido Security Key
Fido Security KeyFido Security Key
Fido Security KeyGoTrust ID
 
FIDO in Action: Real World Development Case Studies
FIDO in Action: Real World Development Case StudiesFIDO in Action: Real World Development Case Studies
FIDO in Action: Real World Development Case StudiesFIDO Alliance
 
Ask FIDO About Anything: Certification
Ask FIDO About Anything: CertificationAsk FIDO About Anything: Certification
Ask FIDO About Anything: CertificationFIDO Alliance
 
The Value of FIDO Certification
The Value of FIDO CertificationThe Value of FIDO Certification
The Value of FIDO CertificationFIDO Alliance
 
FIDO Certified Program: The Value of Certification
FIDO Certified Program: The Value of Certification FIDO Certified Program: The Value of Certification
FIDO Certified Program: The Value of Certification FIDO Alliance
 
FIDO Biometric Certification Program
FIDO Biometric Certification ProgramFIDO Biometric Certification Program
FIDO Biometric Certification ProgramFIDO Alliance
 
Webinar: Catch Up with FIDO Plus AMA Session
Webinar: Catch Up with FIDO Plus AMA SessionWebinar: Catch Up with FIDO Plus AMA Session
Webinar: Catch Up with FIDO Plus AMA SessionFIDO Alliance
 
The State of FIDO
The State of FIDOThe State of FIDO
The State of FIDOFIDO Alliance
 
FIDO UAF and PKI in Asia: A Case Study and Recommendations
FIDO UAF and PKI in Asia: A Case Study and RecommendationsFIDO UAF and PKI in Asia: A Case Study and Recommendations
FIDO UAF and PKI in Asia: A Case Study and RecommendationsFIDO Alliance
 
FIDO & PSD2 – Achieving Strong Customer Authentication Compliance
FIDO & PSD2 – Achieving Strong Customer Authentication ComplianceFIDO & PSD2 – Achieving Strong Customer Authentication Compliance
FIDO & PSD2 – Achieving Strong Customer Authentication ComplianceFIDO Alliance
 
WebAuthn & FIDO2
WebAuthn & FIDO2WebAuthn & FIDO2
WebAuthn & FIDO2Leonard Moustacchis
 
Fido Certification Program Process
Fido Certification Program ProcessFido Certification Program Process
Fido Certification Program ProcessFIDO Alliance
 
FIDO Privacy Principles and Approach
FIDO Privacy Principles and ApproachFIDO Privacy Principles and Approach
FIDO Privacy Principles and ApproachFIDO Alliance
 
FIDO and the Future of User Authentication
FIDO and the Future of User AuthenticationFIDO and the Future of User Authentication
FIDO and the Future of User AuthenticationFIDO Alliance
 
FIDO2 & Microsoft
FIDO2 & MicrosoftFIDO2 & Microsoft
FIDO2 & MicrosoftFIDO Alliance
 
FIDO Authentication Technical Overview
FIDO Authentication Technical OverviewFIDO Authentication Technical Overview
FIDO Authentication Technical OverviewFIDO Alliance
 
IPv6 for the Enterprise
IPv6 for the EnterpriseIPv6 for the Enterprise
IPv6 for the EnterpriseJohn Rhoton
 
Lifecycle Consideration for Security Key Deployments
Lifecycle Consideration for Security Key DeploymentsLifecycle Consideration for Security Key Deployments
Lifecycle Consideration for Security Key DeploymentsFIDO Alliance
 
Technical Principles of FIDO Authentication
Technical Principles of FIDO AuthenticationTechnical Principles of FIDO Authentication
Technical Principles of FIDO AuthenticationFIDO Alliance
 
Identiverse 2019-navigating nist sp-800-63-3 -x a-ls cheat sheets-rev20190624
Identiverse 2019-navigating nist sp-800-63-3 -x a-ls cheat sheets-rev20190624Identiverse 2019-navigating nist sp-800-63-3 -x a-ls cheat sheets-rev20190624
Identiverse 2019-navigating nist sp-800-63-3 -x a-ls cheat sheets-rev20190624Jean-François LOMBARDO
 
Securing a Web App with Security Keys
Securing a Web App with Security KeysSecuring a Web App with Security Keys
Securing a Web App with Security KeysFIDO Alliance
 
FIDO Authentication Account Recovery Framework at Yahoo Japan
FIDO Authentication Account Recovery Framework at Yahoo JapanFIDO Authentication Account Recovery Framework at Yahoo Japan
FIDO Authentication Account Recovery Framework at Yahoo JapanFIDO Alliance
 
FIDO UAF and PKI in Asia - Case Study and Recommendations
FIDO UAF and PKI in Asia - Case Study and RecommendationsFIDO UAF and PKI in Asia - Case Study and Recommendations
FIDO UAF and PKI in Asia - Case Study and RecommendationsFIDO Alliance
 
FIDO Certification
FIDO CertificationFIDO Certification
FIDO CertificationFIDO Alliance
 
FIDO Authentication in Korea: Early Adoption & Rapid Innovation
FIDO Authentication in Korea: Early Adoption & Rapid InnovationFIDO Authentication in Korea: Early Adoption & Rapid Innovation
FIDO Authentication in Korea: Early Adoption & Rapid InnovationFIDO Alliance
 
Strong Authentication and US Federal Digital Services
Strong Authentication and US Federal Digital ServicesStrong Authentication and US Federal Digital Services
Strong Authentication and US Federal Digital ServicesFIDO Alliance
 
Overview of FIDO Security Requirements and Certifications
Overview of FIDO Security Requirements and CertificationsOverview of FIDO Security Requirements and Certifications
Overview of FIDO Security Requirements and CertificationsFIDO Alliance
 
FIDO Certified Program: Status & Futures
FIDO Certified Program: Status & FuturesFIDO Certified Program: Status & Futures
FIDO Certified Program: Status & FuturesFIDO Alliance
 

More Related Content

What's hot

Webinar: Catch Up with FIDO Plus AMA Session
Webinar: Catch Up with FIDO Plus AMA SessionWebinar: Catch Up with FIDO Plus AMA Session
Webinar: Catch Up with FIDO Plus AMA SessionFIDO Alliance
 
FIDO UAF and PKI in Asia: A Case Study and Recommendations
FIDO UAF and PKI in Asia: A Case Study and RecommendationsFIDO UAF and PKI in Asia: A Case Study and Recommendations
FIDO UAF and PKI in Asia: A Case Study and RecommendationsFIDO Alliance
 
FIDO & PSD2 – Achieving Strong Customer Authentication Compliance
FIDO & PSD2 – Achieving Strong Customer Authentication ComplianceFIDO & PSD2 – Achieving Strong Customer Authentication Compliance
FIDO & PSD2 – Achieving Strong Customer Authentication ComplianceFIDO Alliance
 
Fido Certification Program Process
Fido Certification Program ProcessFido Certification Program Process
Fido Certification Program ProcessFIDO Alliance
 
FIDO Privacy Principles and Approach
FIDO Privacy Principles and ApproachFIDO Privacy Principles and Approach
FIDO Privacy Principles and ApproachFIDO Alliance
 
FIDO and the Future of User Authentication
FIDO and the Future of User AuthenticationFIDO and the Future of User Authentication
FIDO and the Future of User AuthenticationFIDO Alliance
 
FIDO Authentication Technical Overview
FIDO Authentication Technical OverviewFIDO Authentication Technical Overview
FIDO Authentication Technical OverviewFIDO Alliance
 
IPv6 for the Enterprise
IPv6 for the EnterpriseIPv6 for the Enterprise
IPv6 for the EnterpriseJohn Rhoton
 
Lifecycle Consideration for Security Key Deployments
Lifecycle Consideration for Security Key DeploymentsLifecycle Consideration for Security Key Deployments
Lifecycle Consideration for Security Key DeploymentsFIDO Alliance
 
Technical Principles of FIDO Authentication
Technical Principles of FIDO AuthenticationTechnical Principles of FIDO Authentication
Technical Principles of FIDO AuthenticationFIDO Alliance
 
Identiverse 2019-navigating nist sp-800-63-3 -x a-ls cheat sheets-rev20190624
Identiverse 2019-navigating nist sp-800-63-3 -x a-ls cheat sheets-rev20190624Identiverse 2019-navigating nist sp-800-63-3 -x a-ls cheat sheets-rev20190624
Identiverse 2019-navigating nist sp-800-63-3 -x a-ls cheat sheets-rev20190624Jean-François LOMBARDO
 
Securing a Web App with Security Keys
Securing a Web App with Security KeysSecuring a Web App with Security Keys
Securing a Web App with Security KeysFIDO Alliance
 
FIDO Authentication Account Recovery Framework at Yahoo Japan
FIDO Authentication Account Recovery Framework at Yahoo JapanFIDO Authentication Account Recovery Framework at Yahoo Japan
FIDO Authentication Account Recovery Framework at Yahoo JapanFIDO Alliance
 
FIDO UAF and PKI in Asia - Case Study and Recommendations
FIDO UAF and PKI in Asia - Case Study and RecommendationsFIDO UAF and PKI in Asia - Case Study and Recommendations
FIDO UAF and PKI in Asia - Case Study and RecommendationsFIDO Alliance
 
FIDO Authentication in Korea: Early Adoption & Rapid Innovation
FIDO Authentication in Korea: Early Adoption & Rapid InnovationFIDO Authentication in Korea: Early Adoption & Rapid Innovation
FIDO Authentication in Korea: Early Adoption & Rapid InnovationFIDO Alliance
 
Strong Authentication and US Federal Digital Services
Strong Authentication and US Federal Digital ServicesStrong Authentication and US Federal Digital Services
Strong Authentication and US Federal Digital ServicesFIDO Alliance
 

What's hot (20)

Webinar: Catch Up with FIDO Plus AMA Session
Webinar: Catch Up with FIDO Plus AMA SessionWebinar: Catch Up with FIDO Plus AMA Session
Webinar: Catch Up with FIDO Plus AMA Session
 
The State of FIDO
The State of FIDOThe State of FIDO
The State of FIDO
 
FIDO UAF and PKI in Asia: A Case Study and Recommendations
FIDO UAF and PKI in Asia: A Case Study and RecommendationsFIDO UAF and PKI in Asia: A Case Study and Recommendations
FIDO UAF and PKI in Asia: A Case Study and Recommendations
 
FIDO & PSD2 – Achieving Strong Customer Authentication Compliance
FIDO & PSD2 – Achieving Strong Customer Authentication ComplianceFIDO & PSD2 – Achieving Strong Customer Authentication Compliance
FIDO & PSD2 – Achieving Strong Customer Authentication Compliance
 
WebAuthn & FIDO2
WebAuthn & FIDO2WebAuthn & FIDO2
WebAuthn & FIDO2
 
Fido Certification Program Process
Fido Certification Program ProcessFido Certification Program Process
Fido Certification Program Process
 
FIDO Privacy Principles and Approach
FIDO Privacy Principles and ApproachFIDO Privacy Principles and Approach
FIDO Privacy Principles and Approach
 
FIDO and the Future of User Authentication
FIDO and the Future of User AuthenticationFIDO and the Future of User Authentication
FIDO and the Future of User Authentication
 
FIDO2 & Microsoft
FIDO2 & MicrosoftFIDO2 & Microsoft
FIDO2 & Microsoft
 
FIDO Authentication Technical Overview
FIDO Authentication Technical OverviewFIDO Authentication Technical Overview
FIDO Authentication Technical Overview
 
IPv6 for the Enterprise
IPv6 for the EnterpriseIPv6 for the Enterprise
IPv6 for the Enterprise
 
Lifecycle Consideration for Security Key Deployments
Lifecycle Consideration for Security Key DeploymentsLifecycle Consideration for Security Key Deployments
Lifecycle Consideration for Security Key Deployments
 
Technical Principles of FIDO Authentication
Technical Principles of FIDO AuthenticationTechnical Principles of FIDO Authentication
Technical Principles of FIDO Authentication
 
Identiverse 2019-navigating nist sp-800-63-3 -x a-ls cheat sheets-rev20190624
Identiverse 2019-navigating nist sp-800-63-3 -x a-ls cheat sheets-rev20190624Identiverse 2019-navigating nist sp-800-63-3 -x a-ls cheat sheets-rev20190624
Identiverse 2019-navigating nist sp-800-63-3 -x a-ls cheat sheets-rev20190624
 
Securing a Web App with Security Keys
Securing a Web App with Security KeysSecuring a Web App with Security Keys
Securing a Web App with Security Keys
 
FIDO Authentication Account Recovery Framework at Yahoo Japan
FIDO Authentication Account Recovery Framework at Yahoo JapanFIDO Authentication Account Recovery Framework at Yahoo Japan
FIDO Authentication Account Recovery Framework at Yahoo Japan
 
FIDO UAF and PKI in Asia - Case Study and Recommendations
FIDO UAF and PKI in Asia - Case Study and RecommendationsFIDO UAF and PKI in Asia - Case Study and Recommendations
FIDO UAF and PKI in Asia - Case Study and Recommendations
 
FIDO Certification
FIDO CertificationFIDO Certification
FIDO Certification
 
FIDO Authentication in Korea: Early Adoption & Rapid Innovation
FIDO Authentication in Korea: Early Adoption & Rapid InnovationFIDO Authentication in Korea: Early Adoption & Rapid Innovation
FIDO Authentication in Korea: Early Adoption & Rapid Innovation
 
Strong Authentication and US Federal Digital Services
Strong Authentication and US Federal Digital ServicesStrong Authentication and US Federal Digital Services
Strong Authentication and US Federal Digital Services
 

Similar to FIDO Certification Program Updates

Overview of FIDO Security Requirements and Certifications
Overview of FIDO Security Requirements and CertificationsOverview of FIDO Security Requirements and Certifications
Overview of FIDO Security Requirements and CertificationsFIDO Alliance
 
FIDO Certified Program: Status & Futures
FIDO Certified Program: Status & FuturesFIDO Certified Program: Status & Futures
FIDO Certified Program: Status & FuturesFIDO Alliance
 
Technical Considerations for Deploying FIDO Authentication
Technical Considerations for Deploying FIDO Authentication Technical Considerations for Deploying FIDO Authentication
Technical Considerations for Deploying FIDO Authentication FIDO Alliance
 
FIDO Authentication Technical Overview
FIDO Authentication Technical OverviewFIDO Authentication Technical Overview
FIDO Authentication Technical OverviewFIDO Alliance
 
Integrating FIDO Authentication & Federation Protocols
Integrating FIDO Authentication & Federation ProtocolsIntegrating FIDO Authentication & Federation Protocols
Integrating FIDO Authentication & Federation ProtocolsFIDO Alliance
 
Beyond Passwords: FIDO & the Future of Consumer Authentication
Beyond Passwords: FIDO & the Future of Consumer AuthenticationBeyond Passwords: FIDO & the Future of Consumer Authentication
Beyond Passwords: FIDO & the Future of Consumer AuthenticationFIDO Alliance
 
Technical Principles of FIDO Authentication
Technical Principles of FIDO AuthenticationTechnical Principles of FIDO Authentication
Technical Principles of FIDO AuthenticationFIDO Alliance
 
Introduction to the FIDO Alliance: Vision & Status
Introduction to the FIDO Alliance: Vision & StatusIntroduction to the FIDO Alliance: Vision & Status
Introduction to the FIDO Alliance: Vision & StatusFIDO Alliance
 
Fido Technical Overview
Fido Technical OverviewFido Technical Overview
Fido Technical OverviewFIDO Alliance
 
Becoming an Inflectra Partner
Becoming an Inflectra PartnerBecoming an Inflectra Partner
Becoming an Inflectra PartnerInflectra
 
FIDO Specifications Tutorial
FIDO Specifications TutorialFIDO Specifications Tutorial
FIDO Specifications TutorialFIDO Alliance
 
Amped for FedRAMP
Amped for FedRAMPAmped for FedRAMP
Amped for FedRAMPRay Potter
 
Inflectra Partner Program 2022
Inflectra Partner Program 2022Inflectra Partner Program 2022
Inflectra Partner Program 2022Inflectra
 
CIS14: An Overview of FIDO's Universal Factor (UAF) Specifications
CIS14: An Overview of FIDO's Universal Factor (UAF) SpecificationsCIS14: An Overview of FIDO's Universal Factor (UAF) Specifications
CIS14: An Overview of FIDO's Universal Factor (UAF) SpecificationsCloudIDSummit
 
FIDO And the Future of User Authentication
FIDO And the Future of User AuthenticationFIDO And the Future of User Authentication
FIDO And the Future of User AuthenticationFIDO Alliance
 
4ipnet NFR Program
4ipnet NFR Program4ipnet NFR Program
4ipnet NFR Program4ipnet
 
Cybersecurity Implementation and Certification in Practice for IoT Equipment
Cybersecurity Implementation and Certification in Practice for IoT EquipmentCybersecurity Implementation and Certification in Practice for IoT Equipment
Cybersecurity Implementation and Certification in Practice for IoT EquipmentOnward Security
 

Similar to FIDO Certification Program Updates (20)

Overview of FIDO Security Requirements and Certifications
Overview of FIDO Security Requirements and CertificationsOverview of FIDO Security Requirements and Certifications
Overview of FIDO Security Requirements and Certifications
 
FIDO Certified Program: Status & Futures
FIDO Certified Program: Status & FuturesFIDO Certified Program: Status & Futures
FIDO Certified Program: Status & Futures
 
FIDO Certification
FIDO CertificationFIDO Certification
FIDO Certification
 
FIDOAlliance
FIDOAllianceFIDOAlliance
FIDOAlliance
 
Technical Considerations for Deploying FIDO Authentication
Technical Considerations for Deploying FIDO Authentication Technical Considerations for Deploying FIDO Authentication
Technical Considerations for Deploying FIDO Authentication
 
FIDO Authentication Technical Overview
FIDO Authentication Technical OverviewFIDO Authentication Technical Overview
FIDO Authentication Technical Overview
 
Integrating FIDO Authentication & Federation Protocols
Integrating FIDO Authentication & Federation ProtocolsIntegrating FIDO Authentication & Federation Protocols
Integrating FIDO Authentication & Federation Protocols
 
FIDO Masterclass
FIDO MasterclassFIDO Masterclass
FIDO Masterclass
 
Beyond Passwords: FIDO & the Future of Consumer Authentication
Beyond Passwords: FIDO & the Future of Consumer AuthenticationBeyond Passwords: FIDO & the Future of Consumer Authentication
Beyond Passwords: FIDO & the Future of Consumer Authentication
 
Technical Principles of FIDO Authentication
Technical Principles of FIDO AuthenticationTechnical Principles of FIDO Authentication
Technical Principles of FIDO Authentication
 
Introduction to the FIDO Alliance: Vision & Status
Introduction to the FIDO Alliance: Vision & StatusIntroduction to the FIDO Alliance: Vision & Status
Introduction to the FIDO Alliance: Vision & Status
 
Fido Technical Overview
Fido Technical OverviewFido Technical Overview
Fido Technical Overview
 
Becoming an Inflectra Partner
Becoming an Inflectra PartnerBecoming an Inflectra Partner
Becoming an Inflectra Partner
 
FIDO Specifications Tutorial
FIDO Specifications TutorialFIDO Specifications Tutorial
FIDO Specifications Tutorial
 
Amped for FedRAMP
Amped for FedRAMPAmped for FedRAMP
Amped for FedRAMP
 
Inflectra Partner Program 2022
Inflectra Partner Program 2022Inflectra Partner Program 2022
Inflectra Partner Program 2022
 
CIS14: An Overview of FIDO's Universal Factor (UAF) Specifications
CIS14: An Overview of FIDO's Universal Factor (UAF) SpecificationsCIS14: An Overview of FIDO's Universal Factor (UAF) Specifications
CIS14: An Overview of FIDO's Universal Factor (UAF) Specifications
 
FIDO And the Future of User Authentication
FIDO And the Future of User AuthenticationFIDO And the Future of User Authentication
FIDO And the Future of User Authentication
 
4ipnet NFR Program
4ipnet NFR Program4ipnet NFR Program
4ipnet NFR Program
 
Cybersecurity Implementation and Certification in Practice for IoT Equipment
Cybersecurity Implementation and Certification in Practice for IoT EquipmentCybersecurity Implementation and Certification in Practice for IoT Equipment
Cybersecurity Implementation and Certification in Practice for IoT Equipment
 

More from FIDO Alliance

FIDO Alliance: Welcome and FIDO Update.pptx
FIDO Alliance: Welcome and FIDO Update.pptxFIDO Alliance: Welcome and FIDO Update.pptx
FIDO Alliance: Welcome and FIDO Update.pptxFIDO Alliance
 
IBM: Hey FIDO, Meet Passkey!.pptx
IBM: Hey FIDO, Meet Passkey!.pptxIBM: Hey FIDO, Meet Passkey!.pptx
IBM: Hey FIDO, Meet Passkey!.pptxFIDO Alliance
 
OTIS: Our Journey to Passwordless.pptx
OTIS: Our Journey to Passwordless.pptxOTIS: Our Journey to Passwordless.pptx
OTIS: Our Journey to Passwordless.pptxFIDO Alliance
 
FIDO Workshop-Demo Breakdown.pptx
FIDO Workshop-Demo Breakdown.pptxFIDO Workshop-Demo Breakdown.pptx
FIDO Workshop-Demo Breakdown.pptxFIDO Alliance
 
CISA: #MoreThanAPassword.pptx
CISA: #MoreThanAPassword.pptxCISA: #MoreThanAPassword.pptx
CISA: #MoreThanAPassword.pptxFIDO Alliance
 
FIDO Authentication: Unphishable MFA for All
FIDO Authentication: Unphishable MFA for AllFIDO Authentication: Unphishable MFA for All
FIDO Authentication: Unphishable MFA for AllFIDO Alliance
 
Introducing FIDO Device Onboard (FDO)
Introducing FIDO Device Onboard (FDO)Introducing FIDO Device Onboard (FDO)
Introducing FIDO Device Onboard (FDO)FIDO Alliance
 
FIDO Alliance Webinar: Catch Up WIth FIDO
FIDO Alliance Webinar: Catch Up WIth FIDOFIDO Alliance Webinar: Catch Up WIth FIDO
FIDO Alliance Webinar: Catch Up WIth FIDOFIDO Alliance
 
Consumer Attitudes Toward Strong Authentication & LoginWithFIDO.com
Consumer Attitudes Toward Strong Authentication & LoginWithFIDO.comConsumer Attitudes Toward Strong Authentication & LoginWithFIDO.com
Consumer Attitudes Toward Strong Authentication & LoginWithFIDO.comFIDO Alliance
 
新しい認証技術FIDOの最新動向
新しい認証技術FIDOの最新動向新しい認証技術FIDOの最新動向
新しい認証技術FIDOの最新動向FIDO Alliance
 
日立PBI技術を用いた「デバイスフリーリモートワーク」構想
日立PBI技術を用いた「デバイスフリーリモートワーク」構想日立PBI技術を用いた「デバイスフリーリモートワーク」構想
日立PBI技術を用いた「デバイスフリーリモートワーク」構想FIDO Alliance
 
Introduction to FIDO and eIDAS Services
Introduction to FIDO and eIDAS ServicesIntroduction to FIDO and eIDAS Services
Introduction to FIDO and eIDAS ServicesFIDO Alliance
 
富士通の生体認証ソリューションと提案
富士通の生体認証ソリューションと提案富士通の生体認証ソリューションと提案
富士通の生体認証ソリューションと提案FIDO Alliance
 
テレワーク本格導入におけるID認証考察
テレワーク本格導入におけるID認証考察テレワーク本格導入におけるID認証考察
テレワーク本格導入におけるID認証考察FIDO Alliance
 
「開けゴマ!」からYubiKeyへ
「開けゴマ!」からYubiKeyへ「開けゴマ!」からYubiKeyへ
「開けゴマ!」からYubiKeyへFIDO Alliance
 
YubiOnが目指す未来
YubiOnが目指す未来YubiOnが目指す未来
YubiOnが目指す未来FIDO Alliance
 
FIDO2導入してみたを考えてみた
FIDO2導入してみたを考えてみたFIDO2導入してみたを考えてみた
FIDO2導入してみたを考えてみたFIDO Alliance
 
中小企業によるFIDO導入事例
中小企業によるFIDO導入事例中小企業によるFIDO導入事例
中小企業によるFIDO導入事例FIDO Alliance
 
VPNはもう卒業!FIDO2認証で次世代リモートアクセス
VPNはもう卒業!FIDO2認証で次世代リモートアクセスVPNはもう卒業!FIDO2認証で次世代リモートアクセス
VPNはもう卒業!FIDO2認証で次世代リモートアクセスFIDO Alliance
 
CloudGate UNOで安全便利なパスワードレスリモートワーク
CloudGate UNOで安全便利なパスワードレスリモートワークCloudGate UNOで安全便利なパスワードレスリモートワーク
CloudGate UNOで安全便利なパスワードレスリモートワークFIDO Alliance
 

More from FIDO Alliance (20)

FIDO Alliance: Welcome and FIDO Update.pptx
FIDO Alliance: Welcome and FIDO Update.pptxFIDO Alliance: Welcome and FIDO Update.pptx
FIDO Alliance: Welcome and FIDO Update.pptx
 
IBM: Hey FIDO, Meet Passkey!.pptx
IBM: Hey FIDO, Meet Passkey!.pptxIBM: Hey FIDO, Meet Passkey!.pptx
IBM: Hey FIDO, Meet Passkey!.pptx
 
OTIS: Our Journey to Passwordless.pptx
OTIS: Our Journey to Passwordless.pptxOTIS: Our Journey to Passwordless.pptx
OTIS: Our Journey to Passwordless.pptx
 
FIDO Workshop-Demo Breakdown.pptx
FIDO Workshop-Demo Breakdown.pptxFIDO Workshop-Demo Breakdown.pptx
FIDO Workshop-Demo Breakdown.pptx
 
CISA: #MoreThanAPassword.pptx
CISA: #MoreThanAPassword.pptxCISA: #MoreThanAPassword.pptx
CISA: #MoreThanAPassword.pptx
 
FIDO Authentication: Unphishable MFA for All
FIDO Authentication: Unphishable MFA for AllFIDO Authentication: Unphishable MFA for All
FIDO Authentication: Unphishable MFA for All
 
Introducing FIDO Device Onboard (FDO)
Introducing FIDO Device Onboard (FDO)Introducing FIDO Device Onboard (FDO)
Introducing FIDO Device Onboard (FDO)
 
FIDO Alliance Webinar: Catch Up WIth FIDO
FIDO Alliance Webinar: Catch Up WIth FIDOFIDO Alliance Webinar: Catch Up WIth FIDO
FIDO Alliance Webinar: Catch Up WIth FIDO
 
Consumer Attitudes Toward Strong Authentication & LoginWithFIDO.com
Consumer Attitudes Toward Strong Authentication & LoginWithFIDO.comConsumer Attitudes Toward Strong Authentication & LoginWithFIDO.com
Consumer Attitudes Toward Strong Authentication & LoginWithFIDO.com
 
新しい認証技術FIDOの最新動向
新しい認証技術FIDOの最新動向新しい認証技術FIDOの最新動向
新しい認証技術FIDOの最新動向
 
日立PBI技術を用いた「デバイスフリーリモートワーク」構想
日立PBI技術を用いた「デバイスフリーリモートワーク」構想日立PBI技術を用いた「デバイスフリーリモートワーク」構想
日立PBI技術を用いた「デバイスフリーリモートワーク」構想
 
Introduction to FIDO and eIDAS Services
Introduction to FIDO and eIDAS ServicesIntroduction to FIDO and eIDAS Services
Introduction to FIDO and eIDAS Services
 
富士通の生体認証ソリューションと提案
富士通の生体認証ソリューションと提案富士通の生体認証ソリューションと提案
富士通の生体認証ソリューションと提案
 
テレワーク本格導入におけるID認証考察
テレワーク本格導入におけるID認証考察テレワーク本格導入におけるID認証考察
テレワーク本格導入におけるID認証考察
 
「開けゴマ!」からYubiKeyへ
「開けゴマ!」からYubiKeyへ「開けゴマ!」からYubiKeyへ
「開けゴマ!」からYubiKeyへ
 
YubiOnが目指す未来
YubiOnが目指す未来YubiOnが目指す未来
YubiOnが目指す未来
 
FIDO2導入してみたを考えてみた
FIDO2導入してみたを考えてみたFIDO2導入してみたを考えてみた
FIDO2導入してみたを考えてみた
 
中小企業によるFIDO導入事例
中小企業によるFIDO導入事例中小企業によるFIDO導入事例
中小企業によるFIDO導入事例
 
VPNはもう卒業!FIDO2認証で次世代リモートアクセス
VPNはもう卒業!FIDO2認証で次世代リモートアクセスVPNはもう卒業!FIDO2認証で次世代リモートアクセス
VPNはもう卒業!FIDO2認証で次世代リモートアクセス
 
CloudGate UNOで安全便利なパスワードレスリモートワーク
CloudGate UNOで安全便利なパスワードレスリモートワークCloudGate UNOで安全便利なパスワードレスリモートワーク
CloudGate UNOで安全便利なパスワードレスリモートワーク
 

Recently uploaded

Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersRaghuram Pandurangan
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfIngrid Airi González
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPathCommunity
 
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...panagenda
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfpanagenda
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterMydbops
 
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesAssure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesThousandEyes
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Alkin Tezuysal
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Mark Goldstein
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Strongerpanagenda
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfNeo4j
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI AgeCprime
 

Recently uploaded (20)

Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information Developers
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdf
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to Hero
 
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL Router
 
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesAssure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdf
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI Age
 

FIDO Certification Program Updates

  • 1. All Rights Reserved | FIDO Alliance | Copyright 2018 FIDO Certified Program Updates Authenticators, Biometrics & FIDO2
  • 2. All Rights Reserved | FIDO Alliance | Copyright 2018 2 Agenda • The Value of FIDO Certification + Program Updates • FIDO Authenticator Certification Program • FIDO Biometric Certification Program • Getting Started with Your Certification • Q & A
  • 3. All Rights Reserved | FIDO Alliance | Copyright 20183 CERTIFICATION GOALS • Enable implementations to be identified as officially FIDO certified • Ensure interoperability between FIDO officially recognized implementations • Promote the adoption of the FIDO ecosystem • Provide RPs with the ability to assess performance requirements for user authenticators • Provide the industry at large with a testing baseline for biometric component performance
  • 4. All Rights Reserved | FIDO Alliance | Copyright 20184 FIDO CERTIFIED ECOSYSTEM (SAMPLE) PHONES & PCs 475 FIDO Certified Implementations Today SECURITY KEYS CLOUD/SERVER SOLUTIONS
  • 5. All Rights Reserved | FIDO Alliance | Copyright 20185 LATEST CERTIFICATION UPDATES • Formal FIDO2 Interop occurred 20-23 August 2018 • Authenticator Certification Program Level 3 and 3+ • Utilizes the Companion Program for Certification • Biometric Certification Program • False Accept Rate • False Reject Rate • Presentation Attack Detection
  • 6. 6 AGENDA • The Value of FIDO Certification + Program Updates • FIDO Authenticator Certification Program • FIDO Biometric Certification Program • Getting Started with Your Certification • Q & A
  • 7. All Rights Reserved | FIDO Alliance | Copyright 20187 FIDO AUTHENTICATOR CERTIFICATION • The FIDO Authenticator Certification Program validates that Authenticators conform to the FIDO specifications (UAF/U2F/FIDO2) and allows vendors to certify the security characteristics of their implementations • After completing certification, vendors may use the FIDO logo on their products
  • 8. All Rights Reserved | FIDO Alliance | Copyright 20188 LEVELS PICTORIAL NOTE: For Authenticators that use a biometric the Biometric Certification is required at L2+ and higher.
  • 9. All Rights Reserved | FIDO Alliance | Copyright 20189 EXAMPLES
  • 10. All Rights Reserved | FIDO Alliance | Copyright 201810 SECURITY EVALUATION Level 3rd Party Lab Work Required Evaluation Style L1 None – evaluation is solely by FIDO Alliance Security Secretariat • System design review L1+ (preliminary) Vendor must hire a FIDO-approved lab • System design review • Code review • SW penetration test / attack potential calculation L2 Vendor must hire a FIDO-approved lab • System design review L2+ (preliminary) Vendor must hire a FIDO-approved lab1 • System design review • Code review • SW penetration test / attack potential calculation L3 Vendor must hire a FIDO-approved lab1 • System design review • Code review • HW penetration test / attack potential calculation L3+ Vendor must hire a FIDO-approved lab1 • System design review • Code review • HW penetration test / attack potential calculation 1 At level L2+ and higher, it should usually be the case that the platform HW and SW have already been certified and the FIDO vendor will only need to certify the FIDO-specific requirements (e.g. the authenticator is running on an already-certified TEE, Secure Element…)
  • 11. All Rights Reserved | FIDO Alliance | Copyright 201811 NEW COMPANION PROGRAM • Companion Programs are independent testing programs which FIDO partners with to lessen the certification burden • Example: Common Criteria or ISO/IEC 15408 • The vendor uses a FIDO created mapping document that maps program requirements from companion program to FIDO security requirements • The authenticator is evaluated on the delta requirements only • Companion Programs are currently required for Authenticator Security levels 3 and 3+ More information can be found on the FIDO Alliance website: https://fidoalliance.org/fido-authenticator-certification-companion- program/
  • 12. FIDO Alliance | All Rights Reserved | Copyright 201812 CHANGES AFTER INITIAL CERTIFICATION Delta Certification is a process to verify that a Certified implementation still meets requirements for the following cases: • Product upgrades • Version upgrade • Level downgrades • Security vulnerability • Post suspension
  • 13. All Rights Reserved | FIDO Alliance | Copyright 201813 CHANGES AFTER INITIAL CERTIFICATION Derivative Certification: • Products or services that rely upon existing Certified implementations for conformance with FIDO specifications • A Derivative implementation may not modify, expand, or remove FIDO functionality from the Certified implementation on which it is based
  • 14. 14 AGENDA • The Value of FIDO Certification + Program Updates • FIDO Authenticator Certification Program • FIDO Biometric Certification Program • Getting Started with Your Certification • Q & A
  • 15. FIDO Alliance | All Rights Reserved | Copyright 201815 FIDO CERTIFICATION PURPOSE The FIDO Biometric Certification Program is intended to certify biometric components and/or subsystems and is independent from Authenticator Certification Program
  • 16. All Rights Reserved | FIDO Alliance | Copyright 201816 TESTING STEP 1: BIOMETRIC SUBCOMPONENT
  • 17. FIDO Alliance | All Rights Reserved | Copyright 201817 ALLOWED INTEGRATION DOCUMENT • Developed by vendor and submitted to lab • Used to document changes necessary to accommodate integration with authenticator • Must include explanation of possible software and hardware changes
  • 18. All Rights Reserved | FIDO Alliance | Copyright 201818 TESTING STEP 2: AUTHENTICATOR
  • 19. All Rights Reserved | FIDO Alliance | Copyright 201819 AUTHENTICATOR CERTIFICATION Using a Certified Biometric Subcomponent: • Optional for Authenticators using a Biometric at L1-L2. • The Security Requirements enforce Biometric Certification of the biometric at L3 and higher when a biometric is used in the authenticator. • Once L2+ is finalized Biometric Certification will also be required • Results in a “FIDO Certified” Authenticator
  • 20. FIDO Alliance | All Rights Reserved | Copyright 201820 BIOMETRIC DEFINITIONS • False Accept Rate (FAR): The proportion of verification transactions with wrongful claims of identity that are incorrectly confirmed • False Reject Rate (FRR): The proportion of verification transactions with truthful claims of identity that are incorrectly denied • Impostor Attack Presentation Match Rate (IAPMR): Proportion of presentation attacks in which the target reference is matched
  • 21. FIDO Alliance | All Rights Reserved | Copyright 201821 BIOMETRIC PERFORMANCE LEVELS • Biometric Requirements: • False Accept Rate (FAR): SHALL meet the requirement of less than 1:10,000 for the upper bound of a 80% confidence interval. FAR is measured at the transaction level. • False Reject Rate (FRR): SHALL meet the requirement of less than 3:100 for the upper bound of a 80% confidence interval. FRR is measured at the transaction level. • Presentation Attack Detection: SHALL be performed by the FIDO-accredited independent testing laboratory on the TOE provided by vendor. The evaluation measures the Impostor Attack Presentation Match Rate for each presentation attack type, as defined in ISO 30107 Part 3. NOTE: FIDO-accredited independent testing laboratory performs live subject scenario testing on the TOE provided by vendor using a combination of on-line/off-line testing, as well as presentation attack testing, based on ISO 19795-1 and ISO 30107-3.
  • 22. FIDO Alliance | All Rights Reserved | Copyright 201822 SELF-ATTESTATION - OPTIONAL • Biometric Requirements: • False Accept Rate (FAR): The vendor SHALL attest to an FAR of [1:25,000 or 1:50,000 or 1:75,000 or 1:100,000] at an FRR of 3% or less. • False Reject Rate (FRR): The vendor SHALL attest to an FRR at no greater than 3% as measured when determining the self-attested FAR. In other words, self attestation for FRR is only possible when self attesting for FAR. NOTE: Self-attestation for FAR and FRR shall be supported by test data and documented in a report submitted to lab from vendor.
  • 23. 23 AGENDA • The Value of FIDO Certification + Program Updates • FIDO Authenticator Certification Program • FIDO Biometric Certification Program • Getting Started with Your Certification • Q & A
  • 24. FIDO Alliance | All Rights Reserved | Copyright 201824 ROLES AND RESPONSIBILITIES Working Groups Secretariats Security Review Team Certification Trouble Shooting Accredited Labs Vendors Partner Programs OEMs
  • 25. All Rights Reserved | FIDO Alliance | Copyright 201625 GETTING STARTED: FUNCTIONAL CERTIFICATION Register for Self-Conformance Test Tool Access : https://fidoalliance.org/test-tool-access-request/ • For UAF, you will need to complete both automated and manual testing • UAF Authenticators only will need a Vendor ID: http://fidoalliance.org/vendor-id-request/ Complete Self-Conformance Testing at least two weeks prior to interoperability event. Elect to Participate in Pre-Testing in the two weeks prior to the interoperability event (recommended) Register for and attend the next interoperability event: https://fidoalliance.org/interop-registration/ Next Interoperability Event Host: Seoul, S. Korea, 12-15 November 2018 (Location TBD). Registration opening soon.
  • 26. All Rights Reserved | FIDO Alliance | Copyright 201826 INTEROP TESTING OVERVIEW • Existing Process – Interop Testing • Interop every 90 days • Plan ahead! May impact product schedules… • New Process – On Demand Testing • Pick your testing date from a calendar • Servers: remote / virtual testing • Authenticators: ship device or in-person testing • Convenience and fast turn-around On Demand Testing Virtual Shipped In-Person
  • 28. All Rights Reserved | FIDO Alliance | Copyright 201828 GETTING STARTED – BIOMETRIC CERTIFICATION Apply for Biometric component certification • Request an account: https://fidoalliance.org/certification/certification- account-request/ Select an Accredited Biometric Lab and agree to terms for testing • Biometric Accredited Lab list: https://fidoalliance.org/fido-accredited-biometric-laboratories/
  • 30. All Rights Reserved | FIDO Alliance | Copyright 201830 Connect with FIDO fidoalliance.org