FIDO in Action: Real World Development Case Studies
2. What Experience Do Consumers Want?
NokNokDemos
Today, in most cases hitting “next” brings you to a password…
3. A Consistent Passwordless Experience Across Any Channel
With Nok Nok’s FIDO solution, you can get rid of passwords
4. A Consistent Passwordless Experience Across Any Channel
• Same experience in mobile and web applications
• Turn biometrics into 2 factors
5. 2 Examples: Business to Consumer Case Studies
©2018 Nok Nok Labs — Confidential — Do not distribute 5
• 9,000 employees worldwide
• 19 locations in 9 countries
• $6.0 billion in revenue
• 77M+ customers
• More than 51K employees worldwide
• Un-carrier CUSTOMER FIRST philosophy
• Has led the industry in YoY growth for 18 consecutive quarters
6. Intuit and T-Mobile Discuss Their FIDO Deployments
7. Journey to Passwordless for Consumers
• Phase 1: Mobile First Strategy (Phase out SMS-OTP)
• Phase 2: Add Web Support
• Phase 3: Fully Deprecate Passwords
8.
Business Goals:
• Mobile first strategy using native authenticators
• Reduce use of passwords
• Reduce cost of support for login related issues
• Standardize across brands migrating from Touch ID to FIDO
• Improve security controls
• Reduce overhead of developing proprietary approaches
• Leverage best industry standard
• Rapidly support new native device authenticators and all associated flows
Capabilities Needed:
• FIDO compliant technology
• Support all current and future FIDO protocols
• Private cloud hosting (on premise solution)
• Maintain standard for high availability and performance
• Industry standards for security controls (e.g. encryption key rotation)
• Durability: Partner fully invested in FIDO today and in the future
• Lightweight integration with native apps and backend services
• Quick turnaround on any required patches
9.
Implementation Overview:
• Educate internal product teams on new approach
• Scaled service deployment across multiple cloud hosting zones and regions to meet availability requirements
• Integrate risk screening as part of authentication event
• Scale solution in phases: smaller user base apps leading to TurboTax
• Controlled user rollout with iOS first
• Require use of FIDO authentication with upgraded app
Why FIDO:
• Strong, multi-factor security model
• Industry standard, future proof
• Convenience for users
• Lower operational costs
Alternatives Considered:
• Buy versus build (context vs. core)
• Leverage best industry standard (FIDO) with proven partner
10.
Results:
• 99.9% authentication success vs. 80-85% using SMS OTP
• Authentication time reduced by 20%
• No disruption and continued high adoption rate
• Eliminated development costs of maintaining proprietary solution
• Platform in place to rapidly support additional use cases
Next Steps:
• Move to AWS Aurora
• Continue roll out to additional products
• Expand use cases including passwordless browser login
“We have improved our security controls while providing our customers with seamless access to their online financial data.”
- Antonio Fuentes, Principal Product Manager
11.
Business Goals:
• Reduce pain point of passwords on phone
• Increase confidence of right user
• Implement a scalable, future-proof approach to authentication
Why FIDO:
• Strong, multi-factor authentication and biometrics
• Industry standard plug and play approach today and in future
• Public private key pair trust model
• Lower operational costs
Capabilities Needed:
• Universal Server
• Integrate with existing IDP
• Carrier-grade platform and scalability
Alternatives Considered:
• Several evaluated including “Build Your Own”
• Determined finding a partner to get to desired state was more cost effective and minimized risk
12.
Implementation Overview:
• Design flows for Use Cases
• Determine UX terminology and experience
• Integrate with MyTMO native mobile app
• Integrate with in-house virtualized and modular Ericsson IAM
• 6-month project from solution design to launch
• Roll out to users in waves of 1M over a 1-month period
• “Soft” push for registration
– remind users once/month 4 times
Results:
• Reduced password resets by 65% to 7%
• 50% adoption in first 5 months with “soft” rollout
• Supported FaceID Day 1 with no additional work
• “Flawless” implementation with no service issues
• Expanding across applications including authentication to Call Center
13.
Next Steps:
• Roll out to additional products
• Push notification for quick authentication into call center
• Leverage Nok Nok/FIDO for user authentication for cross-carrier initiative (CCID)
Lessons Learned:
• Important to be clear on which users to target
• Determine the user experience you want to accomplish
– Do you provide choice or simplify experience?
– Default to TMO's desired authenticator
“By implementing Nok Nok’s FIDO authentication platform we have achieved our goal of providing T-Mobile customers a secure, frictionless experience for accessing our services today and in the future.”
- Michael Engan, Principal Technology Architect