[WSO2Con USA 2018] Design and Implementation of the Veridium Authenticator: A Biometric WSO2 Federated Authenticator

•

1 like•477 views

This slide deck describes the Veridium Authenticator - a biometric federated authenticator - its design, implementation and customer deployments using WSO2 Identity Server in front of many service providers including GSuite, AWS, Dropbox, Office365, Citrix Netscaler, and Storefront. Watch video: https://wso2.com/library/conference/2018/07/wso2con-usa-2018-design-and-implementation-of-the-veridium-authenticator/

Technology

Design and Implementation of the Veridium Authenticator:
A Biometric WSO2 Federated Authenticator
John Callahan, CTO
© 2018 Veridium IP Ltd. All Rights Reserved 1

OUR APPROACH
Single-Step Multi-Factor Biometric Authentication
PHONE
What You Have
PIN CODE
What You Know
BIOMETRICS
What You Are
© 2018 Veridium IP Ltd. All Rights Reserved 2

OUTLINE
© 2018 Veridium IP Ltd. All Rights Reserved 3
• Products
VeridiumID
VeridiumAD
4Fingers TouchlessID
• Biometric Authentication
Push notification
QR-code mode
• Configuration
Not covered:
• Conditional MFA via XACML (in WSO IS 5.6+)
• Use with WSO2 API Manager (OAuth2 use cases)

PRODUCTS
Platform Enterprise Plugin Biometrics
© 2018 Veridium IP Ltd. All Rights Reserved 4

VERIDIUMID
© 2018 Veridium IP Ltd. All Rights Reserved 5
Authenticate • Authorize • Access
Extensible Platform

IEEE 2410-2017
Biometric Open Protocol Standard (BOPS)

2410-2017 configuration options
Storage
Matching
Mobile Server
Mobile
✅
(FIDO UAF compliant)
✅
Server ✅ ✅
Shares
(both mobile and server) ✅ ✅
Proprietary and Confidential 7

• VeridiumAD (VAD) is an enterprise plugin that extends VeridiumID (VID)
to Microsoft Active Directory (AD) environments
• VAD can replace passwords for companies using AD and for companies
using Citrix StoreFront and AD
• VAD can replace software or hardware tokens as a second-factor for
enterprises using AD with NetScaler or other VPNs using RADIUS
• Offline login is supported
• VAD is verified as Citrix Ready
VERIDIUMAD
© 2018 Veridium IP Ltd. All Rights Reserved 8

• False rejection rate (FRR) is as low as 2% at a
false acceptance rate (FAR) of 0.1%
• 4 Fingers is one of the most secure biometrics
available
• More secure than Face, Touch ID, or Voice
4 Fingers is reliable in
any environment
4 FINGERS TOUCHLESSID
© 2018 Veridium IP Ltd. All Rights Reserved 9

Integration
© 2018 Veridium IP Ltd. All Rights Reserved 10

PUSH NOTIFICATION MODE
© 2018 Veridium IP Ltd. All Rights Reserved 11

PUSH NOTIFICATION MODE
© 2018 Veridium IP Ltd. All Rights Reserved 12

© 2018 Veridium IP Ltd. All Rights Reserved 14

QR-CODE MODE
© 2018 Veridium IP Ltd. All Rights Reserved 15

© 2018 Veridium IP Ltd. All Rights Reserved 16

INTEGRATED DEMO
© 2018 Veridium IP Ltd. All Rights Reserved 17

© 2018 Veridium IP Ltd. All Rights Reserved 18

CONFIGURATION
© 2018 Veridium IP Ltd. All Rights Reserved 19

© 2018 Veridium IP Ltd. All Rights Reserved 20

© 2018 Veridium IP Ltd. All Rights Reserved 21

© 2018 Veridium IP Ltd. All Rights Reserved 22

© 2018 Veridium IP Ltd. All Rights Reserved 23

SELECTED AWARDS & RECOGNITION
Winner of the DFS Tech Biometrics
Challenge, Sponsored by the Bill &
Melinda Gates Foundation
ABA 2018 Stevie Silver Winner -
Most Innovative Tech Company of
the Year - Up to 100 Employees
2017 Winner of Innovative Tech of
the Year (Security)
Cyber Defense Magazine 2018
Infosec Awards Best Product –
Multi-Factor Authentication
Fast Company World Changing
Ideas 2018 Finalist
Selected Vendor – Biometric
Authentication Methods in
six 2017 Hype Cycles
Entrepreneurial Company of the
Year - Biometric Authentication
Solutions Industry
KNOW Identity Awards 2018 Finalist
Greatest Social Impact Through
Identity & CEO of the Year
InfoSecurity Products Guide Global
Excellence Awards 2018 Bronze
Winner: Authentication
Sovrin Stewart – Veridium iBeta Independent Accuracy Report
2017 CRN Emerging Vendor in
Security
Certified to match against Peru's
national fingerprint database
© 2018 Veridium IP Ltd. All Rights Reserved
CRADA with NIST Contactless
Fingerprint Capture program (SP
500-305)
Member of the Decentralized
Identity Foundation (DIF) .
C
O
M
IN
G
SO
O
N

What's hot

Open Banking and PSD2: Are your APIs ready for external testing?

WSO2

Every thriving API program leverages the elements from business and technology equally. Alignment of business and technology strategy, the synergy between business and technical teams, and adaptability to the changes coming from either business or technology are fundamental characteristics of such an environment. Asanka will look at four areas, federation and business models, moving to the cloud, polyglot and heterogeneous approach, and modernizing development during this talk. He will also share real-world examples based on his involvement in numerous success stories.

[API Word 2021] - Quantum Duality of “API as a Business and a Technology”

WSO2

INTERFACE, by apidays - Lessons learned from implementing our custom ‘Big Da...

apidays

APIdays Paris 2019 - Zero Downtime in API Management by Waldemar Rosenfeld, A...

apidays

When productizing your APIs to create new sources of revenue or to improve user experience with modern apps or services, your toughest challenge will likely come from ensuring API quality as you accelerate up to DevOps speeds. Along with a much faster time to market, you will need to handle the high complexity and potential costs and security risks that come with a proliferation of integrations. Increasingly, companies are solving their quality-at-speed challenges with continuous API management that extend across the whole product lifecycle. However, continuous API management leaves QA vulnerabilities that can only be covered by the right continuous testing solution. Join this webinar to learn what those vulnerabilities look like, and how to unify API management and API testing to solve the problem via two cloud-native platforms. Simplify QA in the product lifecycle through Design, Build, Test, and Release, and enforce a standardized testing/QA policy across the entire organization. The slide deck will showcase: - What makes a good API product - The API product mantra - The importance of API testing - How companies can achieve quality at DevOps speed - How to release more reliable, better-performing APIs Watch the on-demand webinar here - https://wso2.com/library/webinars/best-practices-for-productizing-apis-with-api-management-and-automated-testing/

Best Practices for Productizing APIs with API Management and Automated Testing

WSO2

The next generation of banking revolves around consumer experiences, with success hinging on the ability to offer consumers personalised value in their moment of need. Collaborating with a diverse ecosystem of partners is essential for banks to consistently deliver this experience at scale. However, traditional banking, built on complex internalised processes, was not built for this. As a solution, Dassana will introduce “the Banking Experience Canvas”, a technical framework built on unbundled banking services made available via APIs on a service mesh. He will demonstrate how this enables deeper collaboration with agile service providers, further empowering consumers to stitch together highly relevant financial services experiences from the bank and a rich fintech ecosystem. Watch the session on-demand here: https://wso2.com/library/summit-2020/emea/fintech-ecosystems-consumer-experiences/

[WSO2 Summit EMEA 2020] Fintech Ecosystems & Consumer Experiences: The Next G...

WSO2

Enterprises are increasingly adopting different types of devices into their business operations every day. Some of these are standard mobile devices such as tablets, smartphones, and laptops, while other categories of devices such as sensors, PLCs, communication gateways, edge computing devices, CCTV cameras, etc. are also heavily used to monitor and control various areas that impact the business supply/consumption chain. When using these types of devices, business processes must be changed to enable seamless communications while adhering to the rest of the enterprise application development paradigms. This is when a unified set of API endpoints (UEM) representing complete enterprise device deployment becomes a game-changer. This deck discusses how the Entgra IoT Platform offers a standardized set of APIs for making enterprise device onboarding simpler, be it standard mobile devices traditionally managed through MDMs or IoTtype of devices. The Entgra IoT Platform was formerly known as the WSO2 IoT Platform and it is now developed and supported by the same team that nurtured in at WSO2 under Entgra brand. Watch the session on-demand here: https://wso2.com/library/summit-2020/apac/unified-endpoint-management-apis-for-enterprise-devices/

[WSO2 Summit APAC 2020] Unified Endpoint Management APIs for Enterprise Devices

WSO2

[WSO2 Summit Americas 2020 ] Fintech Ecosystems & Consumer Experiences: The N...

WSO2

apidays LIVE London 2021 - Presenting the Kubernetes Browser by Daria Muehlet...

apidays

Invansys Technologies

tarungupta19

What's New With WSO2 Open Banking

WSO2

apidays LIVE Singapore 2021 - A cloud-native approach to open banking in acti...

apidays

Digital transformation is the integration of digital technology into all areas of a business, fundamentally changing how you operate and deliver value to customers. It's also a cultural change that requires organizations to continually challenge the status quo, experiment, and get comfortable with failure. It is essential that you integrate digital technology into all areas of business so that your business can be agile and adapts to changing circumstances. Microservices architecture gives you the agility required to build a digital business, while APIs are the enablers for turning a conventional business into a digital business. In this webinar, we will discuss how an enterprise can adopt an API-first approach for building a digital business leveraging microservices architecture. We will explain and show the business benefits of: - An API-first approach for building a digital business - How microservices enables business agility - Building and integrating your microservices - Modernization of your legacy applications - How to leverage the WSO2 API integration platform to build a digital business. Watch the webinar on-demand here - https://wso2.com/library/webinars/api-first-integration-for-microservices/

API-first Integration for Microservices

WSO2

Cloud-native architectures have evolved over the past decade to meet the demands of adaptive digital platforms. Deployment automation, frequent rollouts, resiliency, and fault tolerance will play a key role in the success of these digital platforms. In this deck, Anupama will discuss the importance of cloud-native architectures and platforms to build effective digital platforms. Watch the session on-demand here: https://wso2.com/library/summit-2020/apac/automating-an-integrated-api-supply-chain-using-a-cloud-native-architecture/

[WSO2 Summit APAC 2020] Automating an Integrated API Supply Chain Using a Clo...

WSO2

APIs now serve as the primary building blocks for assembling data, events, and services from within the organization, throughout ecosystems, and across devices. Integrated legacy systems and support for modern event-driven architectures, on the other hand, are critical in allowing timely, relevant digital experiences in response to customer behavior. To support these demands, WSO2 has added significant new capabilities to WSO2 API Manager 4.0.0. Complete support for streaming APIs and event-driven architecture (EDA) The first solution to support full implementation of the AsyncAPI specification A Service Catalog to enable developers to discover a given service seamlessly API / API product revisioning to keep track of the changes Feature-rich, cloud-based analytics for easy integration You will gain a full understanding of WSO2 API Manager 4.0.0 features and how they cater to current API Management demands by attending this webinar. DURING THE WEBINAR, WE WILL COVER: Experience the power and synergy of Service Integration and API Management in a fully functional API ecosystem Understand the motivation behind WSO2 API Manager 4.0.0 release New streaming and event-driven architecture support available in API Manager 4.0.0 Learn the importance of catering all API Management and integration demands with one connected platform Explore other new features and enhancements to the product

The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0

WSO2

apidays LIVE London 2021 - Banking APIs Evolution by Hector Arias, BBVA

apidays

Watch the on-demand webinar here: https://wso2.com/library/webinars/an-entry-point-to-impactful-open-banking-architecture/ Description: Banks in Europe, the UK, and Australia have been hard at work prototyping new use cases and operating models that leverage open data and collaboration. In regions like Africa, Latin America, and South and Southeast Asia, we are seeing customer demand and shifting expectations drive increased adoption of open banking models, even where regulation doesn't explicitly require it. A growing number of fintechs and “challenger banks” have emerged seeking to capitalize on customers looking for easier and more intuitive financial experiences. In this deck we’ll cover how you can make the most of these developments and invest in the long term. Discussion topics include: Open banking fundamentals as relevant to systems design with reference to PSD2 specifications and the Australian Consumer Data Standards, along with related concepts from the GDPR regime. Open banking reference architectures to create adaptable open APIs, open data, and open platforms for technical and business agility. Leveraging internal capabilities and data to craft a competitive advantage. Beyond open banking - Banking Product Design Canvas, the Banking 4.0: Digital Factory, and the SMB Capability Uplift.

An Entry Point to Impactful Open Banking Architecture

WSO2

Most businesses nowadays have set out on their journey of digital transformation. Unfortunately most businesses have not really understood what digital transformation is. Most think, there is an end to the journey and it could be approached just like any other project. This presentation debunks the most common misconceptions on digital transformation and introduce a lean, pragmatic approach to it. It all starts by being “API Aware”. The presentation includes what the WSO2 platform brings to the table in order to make every stakeholder API aware in a digital transformation journey in a lean manner with predictable results.

[WSO2Con EU 2018] Simplifying Digital Transformation with an "API Aware" Mindset

WSO2

With the increased usage of SaaS applications, the need for hybrid integration has become a key element in any integration project. Therefore, an integration platform should support both on-premise and hybrid integration capabilities. This deck will explore the following in detail: - Hybrid integration platforms and what elements WSO2 Integration solutions provide to cater to modern requirements. - The latest trends and best practices to follow when designing an API-centric integration platform. - How hybrid integration can be accommodated in a microservices-based architecture or tried and tested centralized ESB style architecture. Watch the webinar on-demand here: https://wso2.com/library/webinars/2020/03/api-centric-hybrid-integration-platform-for-microservices-or-esb-style-architecture/

API-Centric Hybrid Integration Platform for Microservices or ESB Style Archit...

WSO2

apidays LIVE Australia 2021 - Quantum Duality of “API as a business and a tec...

apidays

What's hot (20)