EXPERIENCE SIMPLER, STRONGER AUTHENTICATION
|
|
- Merry Snow
- 5 years ago
- Views:
Transcription
1 1 EXPERIENCE SIMPLER, STRONGER AUTHENTICATION
2 2 Data Breaches are out of control
3 3 IN data breaches 82 million personal records stolen $3.5 million average cost per breach
4 4 We have a PASSWORD PROBLEM
5 5 TOO MANY TO REMEMBER, DIFFICULT TO TYPE, AND TOO VULNERABLE Re-used Phished Keylogged
6 6 Adding more authentication has largely been rejected by users
7 7 ONE-TIME PASSCODES Improve security but aren t easy enough SMS Reliability Token Necklace Poor User Experience Still Phishable
8 8 WE NEED A NEW MODEL Fast IDentity Online
9 9 THE OLD PARADIGM OTP 2FA Passwords PINs SECURITY USABILITY
10 10 THE FIDO PARADIGM SECURITY Weak Strong OTP 2FA Passwords PINs Poor Good USABILITY
11 10 Single Sign-On Federation MODERN AUTHENTICATION Authentication Passwords Strong Risk-Based User Management Physical-to-digital identity 11
12 12 HOW DOES FIDO WORK? USER VERIFICATION FIDO AUTHENTICATION AUTHENTICATOR
13 13 Passwordless Experience (FIDO UAF Standards) $10,000 Success Transfer Now Transaction Detail User Authentication Done Second Factor Experience (FIDO U2F Standards) 1 2 Success 3 Login & Password Insert dongle Press Button Done
14 14 Fido Registration User Approval New Key Created Registration Begins 4 Key Registered using Public Key Cryptography
15 15 Fido Login Login Challenge Key Selected Login User Approval 4 Login Complete Login Response using Public Key Cryptography
16 16 online authentication using public key cryptography
17 17 THE BUILDING BLOCKS FIDO USER DEVICE BROWSER/APP RELYING PARTY WEB SERVER FIDO CLIENT TLS Server Key FIDO SERVER FIDO UPDATE ASM FIDO AUTHENTICATOR Cryptographic authentication key reference DB Authenticator Metadata & attestation trust store Authentication keys Attestation keys METADATA SERVICE
18 18 ATTESTATION & METADATA Signed Attestation Object Verify using trust anchor Included in Metadata FIDO Authenticator FIDO Server Metadata Understand Authenticator security characteristic by looking into Metadata (and potentially other sources)
19 19 FIDO UNIVERSAL 2 ND FACTOR Is a user present? USER VERIFICATION FIDO AUTHENTICATION AUTHENTICATOR Same authenticator as registered before?
20 20 Step 1 U2F AUTHENTICATION DEMO EXAMPLE
21 21 Step 2 U2F AUTHENTICATION DEMO EXAMPLE
22 22 Step 3 U2F AUTHENTICATION DEMO EXAMPLE
23 23 Step 4 U2F AUTHENTICATION DEMO EXAMPLE +Bob
24 24 FIDO UNIVERSAL AUTHENTICATION FRAMEWORK UAF Same User as enrolled before? Same Authenticator as registered before? USER VERIFICATION FIDO AUTHENTICATION AUTHENTICATOR
25 25 STEP 1 UAF AUTHENTICATION DEMO EXAMPLE
26 26 STEP 2 UAF AUTHENTICATION DEMO EXAMPLE
27 27 STEP 3 UAF AUTHENTICATION DEMO EXAMPLE
28 28 STEP 4 UAF AUTHENTICATION DEMO EXAMPLE
29 29 USABILITY, SECURITY and PRIVACY
30 30 No 3rd Party in the Protocol No Secrets on the Server side Biometric data (if used) never leaves device No link-ability between Services or Accounts
31 31 Better Security for online services Reduced cost for the enterprise Simple & Safe for consumers
32 32 The FIDO Alliance is an open association of more than 180 diverse member organizations
33 33 Online Services Chip Providers Device Providers Biometrics Vendors Enterprise Servers Platform Providers Board Members
34 34 FIDO TIMELINE FIDO 1.0 FINAL Specification FIDO Ready Program Specification Review Draft First UAF & U2F Deployments Alliance Announced FEB 2013 (6 Members) DEC 2013 (59 Members) FEB 2014 (84 Members) FEB-OCT 2014 (129 Members) DEC (152 Members)
35 35 News from the front The significance of early 2015 announcements
36 36 Windows used by 1.5 billion users Windows 10 in 190 countries by Q3 Free upgrade FIDO in Windows 10
37 37 First healthcare deployment Physician access to health records up to 50 million Healthcare users FIDO in Healthcare
38 38 PayPal continues FIDO enablement in improved mobile wallet app. Google has FIDO in Chrome and 2-Step Verification. Samsung adds touch to Galaxy S6 and ships FIDO on all Galaxy devices 2014 Deployments
39 39 A range of FIDO PRODUCTS is now available
40 40 Online Services Chip Providers Device Providers Biometrics Technology Providers Implementing 1.0 Specifications (this is only a subset of active implementations) Enterprise Servers Open Source Mobile Apps/Clients WWW Browsers
41 41 JOIN THE FIDO ALLIANCE
42 42 EXPERIENCE SIMPLER, STRONGER AUTHENTICATION
EXPERIENCE SIMPLER, STRONGER AUTHENTICATION
1 EXPERIENCE SIMPLER, STRONGER AUTHENTICATION 2 Data Breaches are out of control 3 IN 2014... 783 data breaches >1 billion records stolen since 2012 $3.5 million average cost per breach 4 We have a PASSWORD
More informationWho What Why
Who What Why Board Members Sponsors Associates To Change Authentication Online by: (a) Developing unencumbered Specifications that define interoperable mechanisms that supplant reliance on passwords (b)
More informationFIDO AND PAYMENTS AUTHENTICATION. Philip Andreae Vice President Oberthur Technologies
FIDO AND PAYMENTS AUTHENTICATION Philip Andreae Vice President Oberthur Technologies The Problem The Solution The Alliance Updates Data Breaches 781 data breaches in 2015 170 million records in 2015 (up
More informationA NEW MODEL FOR AUTHENTICATION
All Rights Reserved. FIDO Alliance. Copyright 2016. A NEW MODEL FOR AUTHENTICATION ENABLING MORE EFFICIENT DIGITAL SERVICE DELIVERY Jeremy Grant jeremy.grant@chertoffgroup.com Confidential 5 The world
More informationFIDO Alliance: Standards-based Solutions for Simpler, Strong Authentication
FIDO Alliance: Standards-based Solutions for Simpler, Strong Authentication Jeremy Grant Managing Director, Technology Business Strategy Venable LLP jeremy.grant@venable.com @jgrantindc Digital: The Opportunity
More informationFIDO TECHNICAL OVERVIEW. All Rights Reserved FIDO Alliance Copyright 2018
FIDO TECHNICAL OVERVIEW 1 HOW SECURE IS AUTHENTICATION? 2 CLOUD AUTHENTICATION Risk Analytics Something Device Internet Authentication 3 PASSWORD ISSUES 2 Password might be entered into untrusted App /
More informationFIDO ALLIANCE: UPDATES & OVERVIEW BRETT MCDOWELL EXECUTIVE DIRECTOR. All Rights Reserved FIDO Alliance Copyright 2017
FIDO ALLIANCE: UPDATES & OVERVIEW BRETT MCDOWELL EXECUTIVE DIRECTOR 1 250+ MEMBER & PARTNER ORGANIZATIONS GLOBALLY FIDO board members include leading global brands and technology providers + SPONSOR MEMBERS
More informationTHE FUTURE OF AUTHENTICATION FOR THE INTERNET OF THINGS
THE FUTURE OF AUTHENTICATION FOR THE INTERNET OF THINGS FIDO ALLIANCE WEBINAR MARCH 28, 2017 1 INTRODUCTION TO THE FIDO ALLIANCE ANDREW SHIKIAR SENIOR DIRECTOR OF MARKETING MARCH 28, 2017 2 THE FACTS ON
More informationDeprecating the Password: A Progress Report. Dr. Michael B. Jones Identity Standards Architect, Microsoft May 17, 2018
Deprecating the Password: A Progress Report Dr. Michael B. Jones Identity Standards Architect, Microsoft May 17, 2018 The password problem Alpha-numeric passwords are hard for humans to remember and easy
More informationInternet is Global. 120m. 300m 1.3bn Users. 160m. 300m. 289m
UAF Protocol Internet is Global 120m 300m 1.3bn Users 160m 289m 300m #Users 2014 Google: 2013 Twitter: 2015 Devices without physical keyboard How Secure is Authentication? Cloud Authentication Password
More informationStop sweating the password and learn to love public key cryptography. Chris Streeks Solutions Engineer, Yubico
1 Stop sweating the password and learn to love public key cryptography Chris Streeks Solutions Engineer, Yubico Stop Sweating the Password! 2 Agenda Introduction The modern state of Phishing How to become
More informationFIDO AS REGTECH ADDRESSING GOVERNMENT REQUIREMENTS. Jeremy Grant. Managing Director, Technology Business Strategy Venable LLP
FIDO AS REGTECH ADDRESSING GOVERNMENT REQUIREMENTS Jeremy Grant Managing Director, Technology Business Strategy Venable LLP jeremy.grant@venable.com :: @jgrantindc 1 WHAT IS REGTECH? RegTech: Technology
More informationNext Gen Security Technologies for Healthcare Authentication
Next Gen Security Technologies for Healthcare Authentication Session 261, March 8, 2018 Abbie Barbir, Senior Security Adviser, Aetna Brett McDowell, Executive Director, FIDO Alliance 1 Conflict of Interest
More informationMore than just being signed-in or signed-out. Parul Jain, Architect,
More than just being signed-in or signed-out Parul Jain, Architect, Intuit @ParulJainTweety Why do we care? TRUST & SECURITY EASE OF ACCESS Can t eliminate friction? Delay it Authentication Levels to balance
More informationAttacking Your Two-Factor Authentication (PS: Use Two-Factor Authentication)
Attacking Your Two-Factor Authentication (PS: Use Two-Factor Authentication) 08 Jun 2017 K-LUG Technical Meeting Rochester, MN Presented by: Vi Grey Independent Security Researcher https://vigrey.com Who
More informationAddressing Credential Compromise & Account Takeovers: Bearersensitive. Girish Chiruvolu, Ph.D., CISSP, CISM, MBA ISACA NTX April 19
Addressing Credential Compromise & Account Takeovers: Bearersensitive OTPS Girish Chiruvolu, Ph.D., CISSP, CISM, MBA ISACA NTX April 19 Impact Across Every Industry Phishing: Low Cost, Big Impact for
More informationADOPTING FIDO SearchSecurity
E-Guide SearchSecurity T he inability of passwords to keep online accounts secure has been recognized for quite some time, but the IT industry has struggled to establish a practical alternative. PAGE 2
More informationBreaking FIDO Yubico. Are Exploits in There?
Breaking FIDO Are Exploits in There? FIDO U2F (Universal 2nd Factor) Analyzing FIDO U2F Attack and Countermeasures Implementation Considerations Resources 2 User Experience 1. Enter username/pwd 2. Insert
More informationTECHNICAL WHITE PAPER FIDO APPROACHES: NOK NOK LABS S3 SUITE VS BUILD YOUR OWN FIDO
TECHNICAL WHITE PAPER FIDO APPROACHES: NOK NOK LABS S3 SUITE VS BUILD YOUR OWN FIDO TABLE OF CONTENTS Executive Summary... 3 FIDO Solution Requirements... 3 FIDO UAF Client infrastructure... 4 FIDO UAF
More informationBIDMC Multi-Factor Authentication Enrollment Guide Table of Contents
BIDMC Multi-Factor Authentication Enrollment Guide Table of Contents Definitions... 2 Summary... 2 BIDMC Multi-Factor Authentication Enrollment... 3 Common Multi-Factor Authentication Enrollment Issues...
More informationSecuring today s identity and transaction systems:! What you need to know! about two-factor authentication!
Securing today s identity and transaction systems:! What you need to know! about two-factor authentication! 1 Today s Speakers! Alex Doll! CEO OneID Jim Fenton! Chief Security Officer OneID 2 Contents!
More informationEMERGING TRENDS AROUND AUTHENTICATION
EMERGING TRENDS AROUND AUTHENTICATION Michelle Salway Senior Director Sales - EMEA May 2017 1 BIOMETRICS: A GIFT FROM THE DEVICE MAKERS & BIOMETRIC VENDORS DEVICES ARE RICH IN AUTHENTICATION CAPABILITIES,
More informationFIDO & PSD2. Providing for a satisfactory customer journey. April, Copyright 2018 FIDO Alliance All Rights Reserved.
FIDO & PSD2 Providing for a satisfactory customer journey April, 2018 Copyright 2018 FIDO Alliance All Rights Reserved. 1 Introduction When PSD2 is deployed in Europe, users will be able to take advantage
More informationICE CLEAR EUROPE DMS GLOBAL ID CREATION USER GUIDE VERSION 1.0
ICE CLEAR EUROPE DMS GLOBAL ID CREATION USER GUIDE VERSION 1.0 August 2017 Date Version Description August 2017 1.0 Initial Draft 1. Single Sign On... 2 2. To register for SSO on the Global ID webpage...
More informationAuthentication Technology for a Smart eid Infrastructure.
Authentication Technology for a Smart eid Infrastructure. www.aducid.com One app to access all public and private sector online services. One registration allows users to access all their online accounts
More informationSurePassID ServicePass User Guide. SurePassID Authentication Server 2017
SurePassID ServicePass User Guide SurePassID Authentication Server 2017 Introduction This technical guide shows how users can manage their SurePassID security tokens that are compatible with SurePassID
More informationDissecting NIST Digital Identity Guidelines
Dissecting NIST 800-63 Digital Identity Guidelines KEY CONSIDERATIONS FOR SELECTING THE RIGHT MULTIFACTOR AUTHENTICATION Embracing Compliance More and more business is being conducted digitally whether
More informationProf. Christos Xenakis
From Real-world Identities to Privacy-preserving and Attribute-based CREDentials for Device-centric Access Control Device-Centric Authentication for Future Internet Prof. Christos Xenakis H2020 Clustering
More informationProf. Christos Xenakis
From Real-world Identities to Privacy-preserving and Attribute-based CREDentials for Device-centric Access Control Device-Centric Authentication for Future Internet Prof. Christos Xenakis SAINT Workshop
More informationUnlocking Office 365 without a password. How to Secure Access to Your Business Information in the Cloud without needing to remember another password.
Unlocking Office 365 without a password How to Secure Access to Your Business Information in the Cloud without needing to remember another password. Introduction It is highly likely that if you have downloaded
More informationITU-T SG 17 Q10/17. Trust Elevation Frameworks
ITU-T SG 17 Q10/17 Trust Elevation Frameworks Abbie Barbir, Ph.D. ITU-T SG 17 Q10 Rapporteur Martin Euchner SG 17 Advisor ITU Workshop on "Future Trust and Knowledge Infrastructure July 1 2016 Contents
More informationBlackBerry Enterprise Identity
Datasheet BlackBerry Enterprise Identity The Challenge: Cloud services are critical in today s enterprises, yet a reliance on the cloud comes with real and growing security risks. Enterprises want a simple,
More informationWe Believe: The market will soon require:
DualAuth Our logo is a stylized expression of the Chinese philosophy of Yin and Yang, applied to the online authentication process. We bring serenity and safety by including the needs of both the user
More informationInstallation Guide for Android Revision v4.02, November 29th 2016
Installation Guide for Android Revision v4.02, November 29th 2016 Guide AirWatch Agent setup MobileWork@statoil Before you begin, please make sure that you: 1. You need a Google Account. If you haven t
More informationEPCS stands for Electronic Prescribing of Controlled Substances.
This EPCS training Webinar contains instructions on how doctors, who use VISUAL EMR, can purchase a token to enable them to sign orders for controlled substances. EPCS stands for Electronic Prescribing
More informationDuo End User Education Templates
Duo End User Education Email Templates Table of Contents Email Communication Best Practices Email Templates Email #1 - Duo is coming soon, no immediate action required. Email #2 - Duo is coming on ,
More informationPaystar Remittance Suite Tokenless Two-Factor Authentication
Paystar Remittance Suite Tokenless Two-Factor Authentication Introduction Authentication is the process by which a computer system positively identifies a user It is commonly considered to be one of the
More informationA privacy-preserving authentication service using mobile devices
A privacy-preserving authentication service using mobile devices Mihai Togan Security Software Architect certsign Context Mobile devices Present everywhere What to consider High performance Computing power
More informationEnterprise Adoption Best Practices
Enterprise Adoption Best Practices Managing FIDO Credential Lifecycle for Enterprises April 2018 Copyright 2018 FIDO Alliance All Rights Reserved. 1 Audience This white paper is aimed at enterprises deploying
More informationHow Next Generation Trusted Identities Can Help Transform Your Business
SESSION ID: SPO-W09B How Next Generation Trusted Identities Can Help Transform Your Business Chris Taylor Senior Product Manager Entrust Datacard @Ctaylor_Entrust Identity underpins our PERSONAL life 2
More informationRHS EPCS Webinar 1 of 3
RHS EPCS Webinar 1 of 3 1 How to obtain a USB Token and a Token Passcode Who should attend? Doctors at your facility who prescribe controlled substances. 2 New York State Department of Health (DOH) Please
More informationAuthentication Work stream FIGI Security Infrastructure and Trust Working Group. Abbie Barbir, Chair
Authentication Work stream FIGI Security Infrastructure and Trust Working Group Abbie Barbir, Chair Security, Infrastructure, Trust Working Group To enhance confidence in using Digital Financial Services
More informationTRUE PASSWORD-LESS SECURITY
TRUE PASSWORD-LESS SECURITY A HYPR published study on the difference between passwordless user experiences and true passwordless security. Jointly written by HYPR Corp and Goode Intelligence. TRUST ANYONE
More informationDuo Security Enrollment Guide
Duo Security Enrollment Guide Duo's self-enrollment process makes it easy to register your phone and install the Duo Mobile application on your smartphone or tablet. Supported Browsers: Chrome, Firefox,
More informationSecure Authentication for Internet environment using Biometric and One-Time Password
UTM Computing Proceedings Innovations in Computing Technology and Applications Volume 2 Year: 2017 ISBN: 978-967-0194-95-0 1 Secure Authentication for Internet environment using Biometric and One-Time
More informationHumanistic Multi-Factor Authentication (MFA) Why We Don't Use MFA
SESSION ID: SEM-M01H Humanistic Multi-Factor Authentication (MFA) Why We Don't Use MFA Sanchari Das Doctoral Candidate Indiana University Bloomington @sancharidecrypt Authentication Technologies Something
More informationIDENTITY AND THE NEW AGE OF ENTERPRISE SECURITY BEN SMITH CISSP CRISC CIPT RSA FIELD CTO
IDENTITY AND THE NEW AGE OF ENTERPRISE SECURITY BEN SMITH CISSP CRISC CIPT RSA FIELD CTO (US) @BEN_SMITH IDENTITY = THE MOST CONSEQUENTIAL ATTACK VECTOR Confirmed data breaches involving weak, default
More informationCONVENIENCE & SECURITY ARE THE KEYS TO SUCCESS NOW - SUBJECT TO THE SMART AUTHENTICATION. Kelly Ng Co-Founder
CONVENIENCE & SECURITY ARE THE KEYS TO SUCCESS NOW - SUBJECT TO THE SMART AUTHENTICATION Kelly Ng Co-Founder CONTENT 1. Introduction to PolyDigi 2. The safest Cyber city Singapore against Cyber Attack
More informationDIGIPASS SecureClick User manual
DIGIPASS SecureClick User manual DIGIPASS SecureClick Your DIGIPASS SecureClick authenticator is the most convenient way to protect online accounts accessed via your PC or smartphone. It s also FIDO U2F
More informationArchitecture Assessment Case Study. Single Sign on Approach Document PROBLEM: Technology for a Changing World
Technology for a Changing World Architecture Assessment Case Study Single Sign on Approach Document PROBLEM: Existing portal has Sign on Capabilities based on the SQL Server database and it s not having
More informationRelated Labs: Introduction to Universal Access and F5 SAML IDP (Self-paced)
PRESENTED BY: Related Labs: Introduction to Universal Access and F5 SAML IDP (Self-paced) One of the main problems that customers face with the adoption of SaaS and cloud-based apps is how to deliver the
More informationRethinking Authentication. Steven M. Bellovin
Rethinking Authentication Steven M. https://www.cs.columbia.edu/~smb Why? I don t think we understand the real security issues with authentication Our defenses are ad hoc I regard this as a step towards
More informationAuthlogics for Azure and Office 365
Authlogics for Azure and Office 365 Single Sign-On and Flexible MFA for the Microsoft Cloud Whitepaper Authlogics, 12 th Floor, Ocean House, The Ring, Bracknell, Berkshire, RG12 1AX, United Kingdom UK
More informationHIPAA Compliance discussion
HIPAA Compliance discussion GoToWebinar Housekeeping: attendee participation Open and hide your control panel Join audio: Choose Mic & Speakers to use VoIP Choose Telephone and dial using the information
More informationAS emas emudhra Authentication Solution
AS emas emudhra Authentication Solution Create your own trusted enterprise network of users, devices, applications! With malware, ransomware and other cyber threats constantly thrown at Enterprises, a
More informationUser Guide: Adding a Device in Duo and Managing Settings
User Guide: Adding a Device in Duo and Managing Settings The Duo Mobile application provides an extra layer of security when it is incorporated into the login process for applications or web sites such
More informationMobile Biometric Authentication: Pros and Cons of Server and Device-Based
Mobile Biometric Authentication: Pros and Cons of Server and Device-Based Table of Contents 01 Introduction 01 The Ongoing Debate 02 Server-Centric Architecture 02 Device-Centric Architecture 02 Advantages
More informationCloud sicherung durch Adaptive Multi-factor Authentication
Cloud sicherung durch Adaptive Multi-factor Authentication Lars Gotlieb Regional manager DACH Lgo@smspasscode.com Marktbewährte Technologie Selected References 2 Marktbewährte Technologie Selected retail
More informationA Practical Step-by-Step Guide to Managing Cloud Access in your Organization
GUIDE BOOK 4 Steps to Cloud Access Management A Practical Step-by-Step Guide to Managing Cloud Access in your Organization Cloud Access Challenges in the Enterprise Cloud apps in the enterprise have become
More informationPassword-less protection. Reduce your risk exposure with password alternatives
Password-less protection Reduce your risk exposure with password alternatives Contents 03 / Introduction Passwords are no longer enough 05 / Why eliminate passwords? Moving away from passwords 08 / Introduction
More informationUsing Biometric Authentication to Elevate Enterprise Security
Using Biometric Authentication to Elevate Enterprise Security Biometric authentication in the enterprise? It s just a matter of time Mobile biometric authentication is officially here to stay. Most of
More informationMobile Devices prioritize User Experience
Mobile Security 1 Uniqueness of Mobile Mobile Devices are Shared More Often Mobile Devices are Used in More Locations Mobile Devices prioritize User Experience Mobile Devices have multiple personas Mobile
More informationContents. Multi-Factor Authentication Overview. Available MFA Factors
The purpose of this document is to provide National University student Single Sign-On users with instructions for how to configure and use Multi-Factor Authentication. Contents Multi-Factor Authentication
More informationDTB Multicurrency Prepaid Card Guide
DTB Multicurrency Prepaid Card Guide Thank you for showing interest in the DTB Multicurrency Prepaid Card! How to get your card: 1. Walk into any DTB branch countrywide 2. Provide a copy of your ID 3.
More informationOpen Mobile API The enabler of Mobile ID solutions. Alexander Summerer, Giesecke & Devrient 30th Oct. 2014
The enabler of solutions Alexander Summerer, Giesecke & Devrient 30th Oct. 2014 SIMalliance Allows usage of Secure Elements in Mobile Devices Designed for Open Handset OS platforms Common API for Apps
More informationSECURITY STORY WE NEVER SEE, TOUCH NOR HOLD YOUR DATA
SECURITY STORY WE NEVER SEE, TOUCH NOR HOLD YOUR DATA CTO Office www.digi.me another Engineering Briefing digi.me keeping your data secure at all times ALL YOUR DATA IN ONE PLACE TO SHARE WITH PEOPLE WHO
More informationCNT4406/5412 Network Security
CNT4406/5412 Network Security Authentication Zhi Wang Florida State University Fall 2014 Zhi Wang (FSU) CNT4406/5412 Network Security Fall 2014 1 / 43 Introduction Introduction Authentication is the process
More informationDigital Identity Guidelines aka NIST SP March 1, 2017 Ken Klingenstein, Internet2
Digital Identity Guidelines aka NIST SP 800-63 March 1, 2017 Ken Klingenstein, Internet2 Topics 800-63 History and Current Revision process Caveats and Comments LOA Evolution Sections: 800-63A (Enrollment
More informationFIDO Alliance Response to the European Banking Authority (EBA)
FIDO Alliance Response to the European Banking Authority (EBA) Consultation on the Guidelines on the conditions to be met to benefit from an exemption from contingency measures under Article 33(6) of Regulation
More informationLecture 14 Passwords and Authentication
Lecture 14 Passwords and Authentication Stephen Checkoway University of Illinois at Chicago CS 487 Fall 2017 Slides based on Bailey s ECE 422 Major Portions Courtesy Ryan Cunningham AUTHENTICATION Authentication
More informationDigital Identity Trends in Banking
i-sprint Innovations Identity and Security Management Solution Provider Digital Identity Trends in Banking Banking Vietnam 2017 Proven Bank Grade Identity and Security Management Solution Designed, Architected
More informationGetting Started with Duo Security Two-Factor Authentication (2FA)
Getting Started with Duo Security Two-Factor Authentication (2FA) Table of Contents What is Two-Factor Authentication (2FA)?... 1 Why 2FA at Bates College?... 2 2FA Technologies... 3 Duo Protected Resources
More informationepass FIDO -NFC PRODUCT MANUAL
epass FIDO -NFC PRODUCT MANUAL V1.3 2017-03 FEITIAN Technologies Co., Ltd. Website: www.ftsafe.com Overview Feitian epass FIDO -NFC is a FIDO alliance certified U2F authentication key. Unlike the traditional
More informationAzure Multi-Factor Authentication: Who do you think you are?
Azure Multi-Factor Authentication: Who do you think you are? Sander Berkouwer CTO at SCCT scct.nl Sander Berkouwer CTO at SCCT scct.nl Microsoft MVP Veeam Vanguard A little history Server Microsoft acquired
More informationIntegrated Access Management Solutions. Access Televentures
Integrated Access Management Solutions Access Televentures Table of Contents OVERCOMING THE AUTHENTICATION CHALLENGE... 2 1 EXECUTIVE SUMMARY... 2 2 Challenges to Providing Users Secure Access... 2 2.1
More informationA REVIEW ON SECURITY OF GOOGLE S INFRASTRUCTURE & DATA STORAGE
ABSTRACT A REVIEW ON SECURITY OF GOOGLE S INFRASTRUCTURE & DATA STORAGE S.B.Rafiah, N.Sreevidya, M.Yellamma Assistant Professor, Department of IT Sreenidhi Institute of Science and Technology Hyderabad,
More informationINSTRUCTIONS FOR CREATING YOUR FBBE ACCOUNT
INSTRUCTIONS FOR CREATING YOUR FBBE ACCOUNT If you do not already have one, download a Two Factor Authentication (2FA) app from the app store on your smart device. We strongly encourage you to use the
More informationGoogle on BeyondCorp: Empowering employees with security for the cloud era
SESSION ID: EXP-F02 Google on BeyondCorp: Empowering employees with security for the cloud era Jennifer Lin Director, Product Management, Security & Privacy Google Cloud What is BeyondCorp? Enterprise
More informationIntroduction of the Identity Assurance Framework. Defining the framework and its goals
Introduction of the Identity Assurance Framework Defining the framework and its goals 1 IAEG Charter Formed in August of 07 to develop a global standard framework and necessary support programs for validating
More informationUsing CSE Cisco Anyconnect with 2FA
Using CSE Cisco Anyconnect with 2FA If you are using the Duo Mobile App in push mode: you open Anyconnect. 3. Enter your CSE UserName for the Username. 4. A new window will open. 5. Enter your CSE UserName
More informationBEYOND AUTHENTICATION IDENTITY AND ACCESS MANAGEMENT FOR THE MODERN ENTERPRISE
BEYOND AUTHENTICATION IDENTITY AND ACCESS MANAGEMENT FOR THE MODERN ENTERPRISE OUR ORGANISATION AND SPECIALIST SKILLS Focused on delivery, integration and managed services around Identity and Access Management.
More informationPasswords Are Dead. Long Live Multi-Factor Authentication. Chris Webber, Security Strategist
Passwords Are Dead Long Live Multi-Factor Authentication Chris Webber, Security Strategist Copyright 2015 Centrify Corporation. All Rights Reserved. 1 Threat Landscape Breach accomplished Initial attack
More informationPassword-less Strong Authentication
Password-less Strong Authentication OWASP, Dallas, TX, May 17 th 2016 Be Secure with No Passwords Girish Chiruvolu, Ph.D., MBA, CISSP, CISM Information Security and Risk Management How Would You Choose
More informationMICROSOFT (MS) INTUNE IOS/ANDROID DEVICE ENROLLMENT
IS DIVISION MICROSOFT (MS) INTUNE IOS/ANDROID DEVICE ENROLLMENT FY 2018-2019 CONTENTS Introduction 3 Timeline 4 Getting Started 5 Content transfer guidelines 7 Page 2 INTRODUCTION BACKGROUND Microsoft
More informationDefeating the Secrets of OTP Apps
Defeating the Secrets of OTP Apps M.A., M.Sc. Philip Polleit, Friedrich-Alexander-Universität, Erlangen Dr.-Ing., Michael Spreitzenbarth, Friedrich-Alexander-Universität, Erlangen philip@polleit.de 1 //
More informationChoosing the right two-factor authentication solution for healthcare
Choosing the right two-factor authentication solution for healthcare The healthcare industry s transition from paper to electronic records has introduced significant security risk from hackers around the
More informationPKI is Alive and Well: The Symantec Managed PKI Service
PKI is Alive and Well: The Symantec Managed PKI Service Marty Jost Product Marketing, User Authentication Lance Handorf Technical Enablement, PKI Solutions 1 Agenda 1 2 3 PKI Background: Problems and Solutions
More information1 Copyright 2011, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 7
1 Copyright 2011, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 7 ORACLE PRODUCT LOGO 20. oktober 2011 Hotel Europa Sarajevo Platform
More informationProtect Yourself Against VPN-Based Attacks: Five Do s and Don ts
White Paper Protect Yourself Against VPN-Based Attacks: Five Do s and Don ts Don t let stolen VPN credentials jeopardize your security March 2015 A TECHTARGET WHITE PAPER Most IT professionals take for
More informationIMPROVING MOBILE AUTHENTICATION FOR PUBLIC SAFETY AND FIRST RESPONDERS
#RSAC SESSION ID: MBS-R02 IMPROVING MOBILE AUTHENTICATION FOR PUBLIC SAFETY AND FIRST RESPONDERS William Fisher Security Engineer National Cybersecurity Center of Excellence @Billfshr LET S TALK ABOUT
More informationWhat is Authentication? All requests for resources have to be monitored. Every request must be authenticated and authorized to use the resource.
P1L4 Authentication What is Authentication? All requests for resources have to be monitored. Every request must be authenticated and authorized to use the resource. Authentication: Who are you? Prove it.
More informationComputer Security. 08. Authentication. Paul Krzyzanowski. Rutgers University. Spring 2018
Computer Security 08. Authentication Paul Krzyzanowski Rutgers University Spring 2018 1 Authentication Identification: who are you? Authentication: prove it Authorization: you can do it Protocols such
More informationComputer Security 3/20/18
Authentication Identification: who are you? Authentication: prove it Computer Security 08. Authentication Authorization: you can do it Protocols such as Kerberos combine all three Paul Krzyzanowski Rutgers
More informationInnovative Authentication method for boosting Mobile Connect global roll-out
Innovative Authentication method for boosting Mobile Connect global roll-out GB Patent Pending 1803719.2 US Patent Pending 15928348 IPification solution could very well be what is missing to 2018, Shanghai
More information<Partner Name> <Partner Product> RSA SECURID ACCESS. NetMove SaAT Secure Starter. Standard Agent Client Implementation Guide
RSA SECURID ACCESS Standard Agent Client Implementation Guide NetMove Daniel R. Pintal, RSA Partner Engineering Last Modified: April 4, 2018 Solution Summary Secure Starter
More informationKeeping your VPN protected. proven. trusted.
Keeping your VPN protected proven. trusted. Overview The increasing use of remote access is driving businesses to look for an easy to manage, secure solution for providing access to sensitive company assets.
More informationSOFTWARE DEMONSTRATION
SOFTWARE DEMONSTRATION IDENTITY AND ACCESS MANAGEMENT SOFTWARE AND SERVICES RFP 644456 DEMONSTRATION AGENDA Executive Summary Technical Overview Break User Interfaces and Experience Multi-Campus and Inter-Campus
More informationMobile Identity as key enabler for the Digital Consumer
GNation #Better Future for Leisure Mobile Identity as key enabler for the Digital Consumer Mr. John Tsang Chairman BENEFIT VANTAGE LIMITED (IPification) IPification solution could very well be what is
More informationSamsung Pay Frequently Asked Questions
1 Samsung Pay Frequently Asked Questions Contents 1. About Samsung Pay..2 2. Getting Started..2 3. Using Samsung Pay to make payments..3 4. Samsung Pay Security..5 5. Miscellaneous 6 1 2 About Samsung
More informationModern two-factor authentication: Easy. Affordable. Secure.
Modern two-factor authentication: Easy. Affordable. Secure. www.duosecurity.com Your systems and users are under attack like never before The last few years have seen an unprecedented number of attacks
More information