Digital authentication
Download as PPTX, PDF0 likes142 views
The document details the evolution of digital authentication from traditional password systems to modern methods like FIDO2, emphasizing the importance of passwordless authentication. It outlines key developments including public-key cryptography, one-time passwords, and multi-factor authentication, leading to the implementation of FIDO2 APIs for both Android and iOS. This evolution highlights advancements in user verification and security, particularly using biometric technology and client-to-authenticator protocols.
Digital authentication
- 1. Digital Authentication Allan Shih JAN 20, 2021
- 2. ● Introduction ● FIDO2 Authentication ● FIDO2 APIs for Android ● FIDO2 APIs for iOS ● Reference Agenda
- 3. ● Authentication is often described as the process of “verifying that a user is who he claims to be”. Introduction
- 4. ● Any password-based authentication system needs to store passwords somewhere in order to validate them against a user’s input. The 60s: password
- 5. ● Used a cryptographic concept called a hash function to store passwords. The 70s: Password Hashing
- 6. ● Public-key or Asymmetric Cryptography involves two keys: ○ Public key that you can safely share with the world to help identify yourself ○ Private key you use to sign things, thus verifying your identity. Mid-70s: Public-key cryptography
- 8. ● A one-time password (OTP) is a password that is valid for only one login session or transaction, on a computer system or other digital device. The 80s: One-time passwords
- 9. ● A set of technologies and standards that manage the creation, storage, and distribution of keys or digital certificates. The 90s: Public-Key Infrastructure
- 10. Mid-90s detour: CAPTCHAs ● A CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) is a type of challenge–response test used in computing to determine whether or not the user is human. ● We can used CAPTCHAs to prevent some automated authentication attacks.
- 11. ● Multi-factor authentication (MFA) is an authentication method that requires the user to provide two or more verification factors to gain access to a resource. The 2000s: Multi-factor authentication
- 12. ● The ubiquitous nature of smartphones brought two previously less-attainable authentication technologies to the masses: biometrics and 2FA. The 2010s: The smartphone era
- 13. The Problem With Passwords
- 14. ● FIDO2 (Fast Identity Online) uses public-key cryptography to provide strong passwordless authentication to end-users. ● FIDO2 is the name given to the combination of two specifications. ○ WebAuthn (Web Authentication) ○ CTAP (Client to Authenticator Protocol) FIDO2 Authentication
- 15. THE ORGANIZATIONS LEADING THE WAY
- 17. Registering a WebAuthn Credential
- 18. Registering a WebAuthn Credential
- 19. Authenticating with a WebAuthn Credential
- 20. Introduction
- 21. Authenticators iPhones running iOS 13 or later Yubico Security Key NFC used on a smartphone via NFC
- 22. FIDO2 APIs for Android ● The FIDO2 API entry point is the Fido2ApiClient. The API supports two operations: ○ Registration ○ Signing
- 23. FIDO2 APIs for Android
- 24. FIDO2 APIs for iOS ● Safari supports NFC, USB, and Lightning FIDO2-Compliant Security Keys in iOS 13.3 ● Safari support password-less logins via Face ID and Touch ID on iOS 14
- 25. FIDO2 APIs for iOS 13
- 26. FIDO2 APIs for iOS 14
- 27. ● FIDO2: WebAuthn & CTAP ● FIDO2 API for Android ● Your First Android FIDO2 API ● Meet Face ID and Touch ID for the web - wwdc2020 Reference