6. All Rights Reserved | FIDO Alliance | Copyright 20196
Opening Remarks
FIDO Seoul Seminar
23 September 2019
7. All Rights Reserved | FIDO Alliance | Copyright 2019777777
Please welcome Mr. Jae Moon Park @ TTA
Mr. Jae Moon Park
President
Telecommunications Technology Association
8. Latest News & Perspectives
from FIDO Alliance
FIDO SEMINAR
SEOUL
23 SEPTEMBER 2019
Andrew Shikiar
Executive Director & CMO
FIDO Alliance
11. (Not) breaking news: Password problems
credentials
stolen in
2017 alone
(Shape Security)
2.3 billion
cost to U.S.
businesses
each year
(Shape Security)
$5 billion
36% rise
in phishing
attacks
in 2018
(Webroot)
1,244
breaches in 2018, a 126% jump
in exposed records containing PII
(Identity Theft Resource Center 2018 Breach Report)
51%
of passwords
are reused
across services
(University of Oxford)
collectively spent by
humans each day entering
passwords
(Microsoft)
1,300 years
e-commerce sites’
attempted log-ins
are compromised
by stuffing
(Shape Security)
80-90%
Password-driven cart
abandonment rate
(Visa)
49%
Of IT leaders re-use a
single password
(Sailpoint)
55%
Of helpdesk calls are
for password resets
(Forrester)
20-50%
OF PEOPLE HAVE FELT STRESSED OR ANNOYED
AS A RESULT OF FORGETTING THEIR PASSWORD
(Okta)
62%
12. + Sponsor members + Associate members + Liaison members
An industry movement to solve the
password problem
13. Industry imperative: Simpler and
stronger
Security
Usability
Poor Easy
WeakStrong
=
Single Gesture
Possession-based Authentication
Open standards for simpler,
stronger authentication using
public key cryptography
23. InternetofThingsIDVerification
Gaps in adjacent areas need to be filled
for FIDO mission to be realized
Only9%ofcompanieswarnemployees
aboutIoTrisks
6wayssmartdevicescan
behacked
Hackersusednewweaponstodisruptmajor
websitesacrossU.S.
Howtoprotectyourbusinessfrom
accounttakeoverattacks:
3tips
Thirdpartydatabreach
hitsQuestDiagnosticswith
12millionconfidentialpatientrecords
exposed
Here’sthebestwaytoprotectyouraccounts
fromhackertakeovers
24. Our plan to fill these gaps: new work areas
Device & User Verification
and Onboarding
Authentication
Federation
Single
Sign-On
Strengthen identity verification assurance
to support better account recovery
Automate secure device onboarding to
remove password use from IoT.
25. Why FIDO and ID Verification?
All Rights Reserved | FIDO Alliance | Copyright 201926
FIDO Authentication
has been proven to
protect against
account takeover
through phishing and
other credential-
based attacks.
But…
“What happens if
I lose my FIDO
authenticator?”
All Rights Reserved | FIDO Alliance | Copyright 201926
For accounts protected
with FIDO Authentication, the
account recovery process
when a FIDO device is lost or
stolen becomes critical to
maintaining the integrity of
the user’s account.
26. IDWG
ADDRESSING THE GAPS:
ID VERIFICATION & BINDING WORKING GROUP
All Rights Reserved | FIDO Alliance | Copyright 201928
• Define criteria for solution performance
• Create and deploy a program to support
the adoption of that criteria
• Similar to biometric certification programs
with test requirements, lab procedures, etc.
• Will collaborate with the FIDO Certification
Working Group (CWG) and Certification
Secretariat
• Produce thought leadership white papers
to promote the utilization and market
awareness of the new program
Provide authoritative guidance
and solution certification
programs for possession-based
identity verification procedures.
This includes (but is not limited
to) government-issued identity
document authentication and
biometric “selfie” matching.
MISSION: ACTIVITIES:
IDWG will:
27. Why is FIDO focusing on IoT ?
• The IoT industry is looking to standardize identity of devices,
remove passwords and automate the binding of devices to the
cloud applications – and
• FIDO has a proven track record of removing password
dependence for user authentication and can now brings its vision
for passwordless authentication to IoT.
• IoT brings adjacent use cases for user-less, automated
authentication – introducing new ‘smart’ intermediaries for
secure authentication of IoT devices
• The automated secure onboarding of IoT devices will remove the
need for a password – eliminating a critical vulnerability for
businesses and consumers worldwide
28. IOT
WG
ADDRESSING THE GAPS:
IOT TECHNICAL WORKING GROUP
All Rights Reserved | FIDO Alliance | Copyright 201931
Develop use cases, target architectures, and
specifications covering the following topics:
• IoT Device Attestation/Authentication profiles to
enable interoperability between relying
parties and IoT devices
• Automated onboarding, and binding of
applications and/or users to IoT devices
• IoT device authentication and provisioning via
smart routers and IoT hubs
• Gap analysis and extensions/modifications
(where necessary) of existing FIDO specifications
related to IoT authentication, platforms and
protocols
Provide a comprehensive
authentication framework for
IoT devices in keeping with
the fundamental mission of
the FIDO Alliance:
passwordless authentication.
MISSION: ACTIVITIES:
30. All Rights Reserved | FIDO Alliance | Copyright 201933
Getting Started with your FIDO
Deployment
• Match your use case to FIDO’s specifications
• Leverage publicly available resources
• Case studies
• Best practices
• Developer tools
• Seek FIDO Certified Vendors
• Engage with the FIDO Community / FKWG
31. The Future of User Authentication
FIDO Authentication is the industry’s answer to the password problem
INDUSTRY SUPPORT
FIDO represents the
efforts of some of the
world’s largest
companies whose very
businesses rely upon
better user
authentication
THOUSANDS OF
SPEC DEVELOPMENT
HOURS
Now being realized in
products being used
every day
ONGOING
INNOVATION
Specifications,
certification programs,
and deployment
working groups
establishing best
implementation
practices
ENABLEMENT
Leading service
providers representing
billions of user
identities are already
FIDO-enabling their
authentication
processes
32. Get involved in the FIDO ecosystem
@FIDOALLIANCE
WWW.FIDOALLIANCE.ORG
Andrew Shikiar
andrew@fidoalliance.org
33. All Rights Reserved | FIDO Alliance | Copyright 201936
Korean Market Trends &
Opportunities
- Panel Discussions -
FIDO Seoul Seminar
23 September 2019
34. All Rights Reserved | FIDO Alliance | Copyright 2019373737373737
Please welcome the panelists
Dongho Kim
Samsung SDS
Junho Shin
Telecommunication Technology Associations
Youngsuk Hong
eWBM
David Ahn
CrossCert
Yoosurk Han
AirCuve
Youngwoong Park
BC Card
35. All Rights Reserved | FIDO Alliance | Copyright 2019383838383838
Question No. 1
“Please introduce yourself and the
organization you are representing while
explaining what FIDO means to you and your
organization.”
36. All Rights Reserved | FIDO Alliance | Copyright 2019393939393939
Question No. 2
“What are the notable FIDO related news or
events that you witnessed or experienced this
year? (or expect to see in 4th quarter of
2019?)”
37. All Rights Reserved | FIDO Alliance | Copyright 2019404040404040
Question No. 3
“In terms of FIDO Deployment in Korea, what
do you expect to see in year 2020 and going
forward?”
38. All Rights Reserved | FIDO Alliance | Copyright 20184141
Anything else you wish to
share with audience today?
39. All Rights Reserved | FIDO Alliance | Copyright 2019424242424242
Agenda: Morning
40. All Rights Reserved | FIDO Alliance | Copyright 201943
FIDO Hackathon Cases
& Award Ceremony
FIDO Seoul Seminar
23 September 2019
41. All Rights Reserved | FIDO Alliance | Copyright 2019444444444444
Please welcome FKWG Co-Chairs
Henry Jong-Hyeon Lee
Senior Vice President, Mobile Security Technologies
Samsung Electronics Co., Ltd.
Sanghun Won
Head of Digital Laboratory
BC Card Co., Ltd
42. All Rights Reserved | FIDO Alliance | Copyright 20184545
Case Presentations
- Top 3 Award -
Ping Point
By N-Key X LINE
43. All Rights Reserved | FIDO Alliance | Copyright 2019464646464646
Current Problems
N-Key X LINE
Time-Consuming to Authenticate Users Vulnerable to Data Breach
44. All Rights Reserved | FIDO Alliance | Copyright 2019474747474747
Challenges
N-Key X LINE
• Difficulty of
Remembering
• High Possibility of
Leakage
• Inconvenience of
Typing at Kiosk
E-mail / Password
• Low Level
Recognition of
Barcode
• Inconvenience
From The Process
of Turning On
Barcode
Barcode
• The Need To
Carry Membership
Card All The Time
• Risk of Losing
Card
Membership Card
• Potential Risk of
Identity Theft
• Difficulty of
Verifying Users
Phone-Number
45. All Rights Reserved | FIDO Alliance | Copyright 2019484848484848
Solution
N-Key X LINE
FIDO2
46. All Rights Reserved | FIDO Alliance | Copyright 2019494949494949
Why NFC?
N-Key X LINE
NFC Trigger FIDO
Auth
47. All Rights Reserved | FIDO Alliance | Copyright 2019505050505050
Service Structure
N-Key X LINE
KIOSK
RP Server
Android
NFC
HTTPS
HTTPS
HTTPS
LINE FIDO Server
48. All Rights Reserved | FIDO Alliance | Copyright 2019515151515151
Result (Register)
N-Key X LINE
49. All Rights Reserved | FIDO Alliance | Copyright 2019525252525252
Result (Membership Authentication)
N-Key X LINE
50. All Rights Reserved | FIDO Alliance | Copyright 2019535353535353
Overview (PingPoint Application)
N-Key X LINE
Splash Log-in FIDO Login Simple PasscodeRegister
51. All Rights Reserved | FIDO Alliance | Copyright 2019545454545454
Overview (PingPoint Application)
N-Key X LINE
Main Membership Point List Store Search Menu My Page
52. All Rights Reserved | FIDO Alliance | Copyright 2019555555555555
Experience
N-Key X LINE
Teamwork and Collaboration Learning New Skills
53. All Rights Reserved | FIDO Alliance | Copyright 20185656
Award Ceremony
- Top 3 Award -
Ping Point
By N-Key X LINE
Gift Sponsors:
54. All Rights Reserved | FIDO Alliance | Copyright 20185757
Case Presentations
- Special Award -
KwangHae X Yubico & AirCuve
LinkME X BC Card
KISMI X eWBM
Soondae X Yubico & AirCuve
55. All Rights Reserved | FIDO Alliance | Copyright 2019585858585858
FIDO2 Enabled SSH Login
KwangHae X Yubico & AirCuve
● Linux Servers are highly popular
● Public IP Address In Linux
→ Easy Target for Attackers
● 81% of Company Data Breaches
due to Poor Passwords
● Customized PAM
● FIDO2 authentication service
Enables Easy-to-use yet Highly
Secure Login
● Eliminates need for End-User
Password Management
Linux ssh login system with FIDO 2.0 protocol
Challenges Solution
56. All Rights Reserved | FIDO Alliance | Copyright 2019595959595959
FIDO Enabled Blockchain Crowdfunding
LinkME X BC Card
57. All Rights Reserved | FIDO Alliance | Copyright 2019606060606060
Decentralized ID Based ERP System
KISMI X eWBM
Decentralized ID based ERP system
- FIDO2와 블록체인 기반의 공증센터에서 분산 ID를 발급, 인증
- 멀티 클라우드 분산 저장소에 전자문서와 분산 ID 보관
- 분산 ID 공증센터, 근태관리 시스템, 전자문서 이력관리 시스템
- 하나의 분산 ID로 연결된 모든 서비스 사용 가능
K-AUTH 공증센터
K-EMS 근태관리시스템
K-DMS 전자결재시스템
…
Blockchain
Team
박성갑 연구소장
김창규 팀장
어다희 팀원
서동권 팀원
박두현 팀원
Technology
특허 4건
저작권 4건
MVP 10건
Mentor
해커톤 성과
KISMI 소개 도전과제
1. One ID & Passwordless
2. 디지털 신원관리 체계
3. 클라우드 기반 분산 저장
직원ID(분산ID) Windows Hello Login 사내 시스템 사용
58. All Rights Reserved | FIDO Alliance | Copyright 2019616161616161
FIDO2 Enabled WiFi Authenticaiton
Soondae X Yubico & AirCuve
❖ Agenda
⮚ To use FIDO to authenticate securely on public WiFi
❖ Challenge
⮚ User connections are widely exposed on open WiFi networks, convenient yet secure authentication is needed to
protect user data
❖ Solution
⮚ Improve the user experience by introducing FIDO2 authentication to enhance end user security on a WiFi network
❖ Implementation
②
③ EAPEAP
EAP
①
① EAP
②
③
① Supplicant must establish HTTPS (TLS) session using RP’s
link within EAP for target AP.
② RP to send the received data to Server
③ Response data from the server is returned to supplicant using
EAP
59. All Rights Reserved | FIDO Alliance | Copyright 20186262
Award Ceremony
- Special Awards -
KwangHae: Industry Contribution
LinkME: Great Pitch
KISMI: Mentor’s Choice
Soondae: Moonshot
Gift Sponsors:
60. All Rights Reserved | FIDO Alliance | Copyright 20186363
Case Presentations
- Top 3 Award -
QR Code Info Protection
By Jekyll & Hyde X Samsung
61. All Rights Reserved | FIDO Alliance | Copyright 2019646464646464
Social & Technical Challenges
Jekyll & Hyde X Samsung
62. All Rights Reserved | FIDO Alliance | Copyright 2019656565656565
Your Identity: Protect & Hide
Jekyll & Hyde X Samsung
63. All Rights Reserved | FIDO Alliance | Copyright 2019666666666666
Challenges with Existing Technologies
Jekyll & Hyde X Samsung
64. All Rights Reserved | FIDO Alliance | Copyright 2019676767676767
Our Approach to Tackle the Challenges
Jekyll & Hyde X Samsung
65. All Rights Reserved | FIDO Alliance | Copyright 2019686868686868
Service Demonstration: Jekyll & Hyde
Jekyll & Hyde X Samsung
66. All Rights Reserved | FIDO Alliance | Copyright 2019696969696969
Service Demonstration: Jekyll & Hyde
Jekyll & Hyde X Samsung
67. All Rights Reserved | FIDO Alliance | Copyright 2019707070707070
Service Demonstration: Jekyll & Hyde
Jekyll & Hyde X Samsung
68. All Rights Reserved | FIDO Alliance | Copyright 2019717171717171
Service Demonstration: Jekyll & Hyde
Jekyll & Hyde X Samsung
69. All Rights Reserved | FIDO Alliance | Copyright 2019727272727272
Service Demonstration: Jekyll & Hyde
Jekyll & Hyde X Samsung
70. All Rights Reserved | FIDO Alliance | Copyright 2019737373737373
Service Demonstration: Jekyll & Hyde
Jekyll & Hyde X Samsung
71. All Rights Reserved | FIDO Alliance | Copyright 2019747474747474
Use Case Example
Jekyll & Hyde X Samsung
72. All Rights Reserved | FIDO Alliance | Copyright 2019757575757575
Service Needs & Hackathon Performance
Jekyll & Hyde X Samsung
73. All Rights Reserved | FIDO Alliance | Copyright 20187676
Award Ceremony
- Top 3 Award -
QR Code Info Protection
By Jekyll & Hyde
Gift Sponsors:
74. All Rights Reserved | FIDO Alliance | Copyright 20187777
Case Presentations
- Special Award -
Drones Without Password X SK Telecom
Umbridge X SK Telecom
Social Mix X BC Card
EASY X CrossCert
75. All Rights Reserved | FIDO Alliance | Copyright 2019787878787878
Drones Without Password
Drones Without Password X SK Telecom
Problems of common drones
: Low security, Hard to identify users
Experiences during the project
: Complexity of drones, Helpful advices from mentors
I. II.
IV.III.
Project Goal
: FIDO Drone, Check validation of key
Project Goal
: FIDO Drone authentication system
76. All Rights Reserved | FIDO Alliance | Copyright 2019797979797979
Umbridge
Umbridge X SK Telecom
Motive for participation
- Interesting of biometric authentication protocol
Challenges
- Technical challenges - Embedded Model Design and Fabrication, FIDO protocol
connection
- Social challenges - Increased Umbrella Reusability
Experience
- Learned in detail about FIDO authentication.
- FIDO authentication implementation
Achievement
- Good mentors
77. All Rights Reserved | FIDO Alliance | Copyright 2019808080808080
Cell Market X FIDO UAF
Social Mix X BC Card
78. All Rights Reserved | FIDO Alliance | Copyright 2019818181818181
Authentication Application for Low-Income Bracket
EASY & CrossCert
Process
Purpose EASY - CrossCert
Making certification easier for low-income bracket
Easy team surveyed 50 people
They need online low-income people certification
application
Start Development
FIDO & IoT
It is supported two features.
1. A function to submit and authenticate documents that prove low-income people
in the app itself
2. A function to unlock unmanned locker which is stored support product for low-
income people by FIDO
< fingerprint authentication (FIDO) >
< Locker & touch panel>
1. join membership
2. registration of documents
3. an application for products
4. receipt of products
79. All Rights Reserved | FIDO Alliance | Copyright 20188282
Award Ceremony
- Special Awards -
Drones Without Password: Shark Tank
Umbridge: Best Implementation
Social Mix: Idea
EASY: Impact
Gift Sponsors:
80. All Rights Reserved | FIDO Alliance | Copyright 20188383
Case Presentations
- Top 3 Award -
Decentralized ID-Based Electronic
Signature Contract Solution
By TEEware X CrossCert
81. All Rights Reserved | FIDO Alliance | Copyright 2019848484848484
Start-up while researching TEE and FIDO
TEEware X CrossCert
82. All Rights Reserved | FIDO Alliance | Copyright 2019858585858585
Beyond Authentication
TEEware X CrossCert
FIDO
Simpler,
Stronger,
Authentication
Why not
Digital Signature?
Contract
Transaction Confirmation
Document Signing
83. All Rights Reserved | FIDO Alliance | Copyright 2019868686868686
Problems of Handwritten Signatures
TEEware X CrossCert
Can you tell the difference?
A B
84. All Rights Reserved | FIDO Alliance | Copyright 2019878787878787
Forgeable Handwritten Signatures
TEEware X CrossCert
85. All Rights Reserved | FIDO Alliance | Copyright 2019888888888888
Benefits of Digital Signatures
TEEware X CrossCert
Original Forgery Verification
Handwritten
signature
Digital signature
aa634aa83b7a532e95ad4075b859d6b7b
b347fa6630474e8c7250e8679dba94a3ed
b7b705253badb79d48492f90265210b0f0
2afd7d2e95c3d8bd5cf4d4d33d0
aa634aa83b7a532e95ad4075b859d6b7
bb347fa6630474e8c7250e8679dba94a
3edb7b705253badb878b106ef9026521
0b0f02afd7d2e95c3d8bd5cf4d4d33d0
Ask writing expert
✔ Cost
✔ 2~7 days to verify
Automatic verification
✔ By any computer
✔ Immediately verifiable
Signing documents with FIDO -> Easier verification!
86. All Rights Reserved | FIDO Alliance | Copyright 2019898989898989
Two Components of Signing
TEEware X CrossCert
Who signed it?
“Identity”
Did the person
actually signed it?
“signature”
87. All Rights Reserved | FIDO Alliance | Copyright 2019909090909090
Traditional Off-line Document Signing
TEEware X CrossCert
< Identity >
A person's identity is verified with
physical ID card
< Signature >< Contract >
88. All Rights Reserved | FIDO Alliance | Copyright 2019919191919191
FIDO-DID based On-line Document Signing
TEEware X CrossCert
Only device owner
can make digital signature
Digital signature proves
the device owner signed
the document
aa634aa83b7a532e95ad4075b859
d6b7bb347fa6630474e8c7250e86
79dba94a3edb7b705253badb79d
48492f90265210b0f02afd7d2e95c
3d8bd5cf4d4d33d0
DID proves the identity
of device owner
< Signature >< Identity >
< Device owner > < FIDO authenticator >
89. All Rights Reserved | FIDO Alliance | Copyright 2019929292929292
DID(Decentralized Identity)
TEEware X CrossCert
Federated
✔ DID is a blockchain-based digital identity service.
✔ DID is emerging global standard for representing digital identity.
Isolated
Self-sovereign
Decentralized
90. All Rights Reserved | FIDO Alliance | Copyright 2019939393939393
Visualizing a DID
TEEware X CrossCert
Name
DID Identity ID: did:teeware:1234567890abcdef
David Kim
City
Seoul
Country
Republic of Korea
Birth Validity
1990-01-01 2024-01-01
----- BEGIN PUBLIC KEY ----- MIIEpQIBAAKCAQEA0amz+6t8OE0ceIqscfk7U
DkVtpJ9jy/pCoHDwH/SELJvtW9eaLjC9PU6pDH ----- END PUBLIC KEY -----
91. All Rights Reserved | FIDO Alliance | Copyright 2019949494949494
Service Scenario: Registration
TEEware X CrossCert
Enter Personal
Information
Register
FIDO Authenticator
Record DID
to Blockchain
Lookup DID
92. All Rights Reserved | FIDO Alliance | Copyright 2019959595959595
Service Scenario: Document Signing
TEEware X CrossCert
Select Document
FIDO Authentication
Send Document
Verify Signtature
93. All Rights Reserved | FIDO Alliance | Copyright 2019969696969696
CrossCert X TEEware
TEEware X CrossCert
94. All Rights Reserved | FIDO Alliance | Copyright 2019979797979797
CrossCert X TEEware
TEEware X CrossCert
95. All Rights Reserved | FIDO Alliance | Copyright 2019989898989898
Real-world Application
TEEware X CrossCert
Integrating FIDO-DID digital signature to
ReDWit's Electronic Lab Notebook service
x x
< Requirements for Official Lab Notebook >
96. All Rights Reserved | FIDO Alliance | Copyright 2019999999999999
FIDO-based DID for Digital Signature
TEEware X CrossCert
FIDO
Usable
Secure
Strong
DID
Distributed
Self-sovereign
Universal
Simple and Secure Document Signing Service built with FIDO and DID
97. All Rights Reserved | FIDO Alliance | Copyright 2018100100
Award Ceremony
- Top 3 Award -
Decentralized ID-Based Electronic
Signature Contract Solution
By TEEware
Gift Sponsors:
98. All Rights Reserved | FIDO Alliance | Copyright 2019101
Sponsor Showcase
- Egis Technology -
FIDO Seoul Seminar
23 September 2019
99. It all started
with the
password
Protected
passwords with
salted hash
One-time
passwords
emerge
Public-key
infrastructure
2FA adoption
takes hold
Smartphone
era
Mid-90s detour:
CAPTCHAs
The 60s
The 70s
The 80s
The 2000s
The 2010s
The 90s
Passwordless
NextDigital authentication Roadmap:
The past, present and uncertain future of the keys to online identity
https://www.geekwire.com/2018/digital-authentication-human-beings-history-trust/
100. All Rights Reserved | FIDO Alliance | Copyright 2019103103103103103103
Agenda: Morning
101. All Rights Reserved | FIDO Alliance | Copyright 2019104104104104104104
Agenda: Afternoon