SlideShare a Scribd company logo

Protecting IDAAS with FIDO Authentication

FIDO Alliance, profile picture
FIDO Alliance

The document discusses the implementation of FIDO U2F (Universal 2nd Factor) to enhance security in identity as a service (IDaaS) and single sign-on (SSO) applications provided by Trustelem and Neowave. It highlights the growing risks of identity theft and cyber attacks, and presents FIDO U2F as a robust solution against phishing and other security threats, offering advantages like high security and ease of use. The conclusion emphasizes FIDO U2F as a highly recommended authentication method for web SSO users and administrators.

Internet
Related topics:
web-applications โ€ข Cloud Computing Insights โ€ข Online Security
1 of 18
Downloaded 59 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
All Rights Reserved | FIDO Alliance | Copyright 20171 NEOWAVE + TRUSTELEM PROTECTING IDAAS* (WEB/CLOUD SSO*) WITH FIDO U2F * IDAAS: IDENTITY AS A SERVICE SSO: SINGLE SIGN ON
All Rights Reserved | FIDO Alliance | Copyright 20172 Deployment Case Study: Trustelem & Neowave Protecting IDAAS with FIDO U2F Gregory Haรฏk, CEO, Trustelem Frederic Martin, Security Architect, NEOWAVE
All Rights Reserved | FIDO Alliance | Copyright 20173 FIDO U2F TO PROTECT IDENTITY AS A SERVICE
All Rights Reserved | FIDO Alliance | Copyright 20174 NEOWAVE: SMART CARD BASED SECURITY PRODUCTS NEOWAVE mission is to address these issues through strong authentication, encryption and digital signatures based on secure smart card based products. Identity theft (phishing), fraud, data theft and cyber attacks are on the rise
All Rights Reserved | FIDO Alliance | Copyright 20175 EASY PHISHING ATTACKS AGAINST SMS CODES User Real website username password SMS username password SMS Send SMS3 1 4 5 2 Fake website or MITM attack
All Rights Reserved | FIDO Alliance | Copyright 20176 EASY PHISHING ATTACKS AGAINST OTP / TOTP username password OTP username password OTP OTP generator2 1 3 5 4 User Real websiteFake website or MITM attack
All Rights Reserved | FIDO Alliance | Copyright 20177 EASY PHISHING ATTACKS AGAINST SCANNED QR CODE VALIDATION User Real websiteFake website or MITM attack Give access Read QR Code 2 3 1 Validate (wrong) access4 5
All Rights Reserved | FIDO Alliance | Copyright 20178 FIDO U2F: SIMPLE / SECURE SOLUTION AGAINST PHISHING ATTACKS 2 โ€“ Data to be signed (challenge, hashed url, etc.) 4 โ€“ Signed Data 3 โ€“ Digital Signature (built-in smart card) 6 โ€“ Signature Verification 1 โ€“ Data to be signed (challenge, hashed url, etc.) 5 โ€“ Signed Data SSL Token Binding MITM protection
All Rights Reserved | FIDO Alliance | Copyright 20179 FIDO U2F USB SECURITY KEY PLUG KEYDO SECURITY KEY IN ENTER USERNAME & PASSWORD THATโ€™S IT
All Rights Reserved | FIDO Alliance | Copyright 201710 FIDO U2F NFC CARD APPROACH BADGEO NFC CARD THATโ€™S IT ENTER USERNAME & PASSWORD
All Rights Reserved | FIDO Alliance | Copyright 201711 TRUSTELEM: IDENTITY AS A SERVICE Company Corporate applications Trustelem enables your IT users to go from one application to another, without the need to re-authenticate. Trustelem manages digital identities of your IT users (IDaaS - Identity-as-a-Service Cloud Single Sign-On, SSO).
All Rights Reserved | FIDO Alliance | Copyright 201712 FIDO U2F ADVANTAGES FOR WEB SSO LOGON โ€ข No driver installation requirement โ€ข Web browser built-in support โ€ข Multi-platform / multi-channel protocol โ€ข High security level (built-in smart card) โ€ข Ultimate solution against identity theft
All Rights Reserved | FIDO Alliance | Copyright 201713 SIMPLE /SECURE WEB SSO LOGON Password then FIDO U2F
All Rights Reserved | FIDO Alliance | Copyright 201714 ALL-IN-ONE USER DASHBOARDS ACCESS PROTECTION Now you donโ€™t have to wait for Microsoft to integrate FIDO U2F authentication :)
All Rights Reserved | FIDO Alliance | Copyright 201715 APPLICATIONS ACCESS e.g. facebook workplace
All Rights Reserved | FIDO Alliance | Copyright 201716 ADMIN CONSOLE Setup directories, users, apps, permissionsโ€ฆ Logs, deployment audit
All Rights Reserved | FIDO Alliance | Copyright 201717 MORE FIDO U2F ADVANTAGES โ€ข FIDO U2F devices are anonymous (no user information, just anonymous keys, association is done on the server side) โ€ข FIDO U2F devices can be filtered, web services can be locked only for our own customized devices (attestation certificate)
All Rights Reserved | FIDO Alliance | Copyright 201718 CONCLUSION โ€ข FIDO U2F strongly recommended for Web SSO users and/or administrators โ€ข Secure but easy to use and deploy

More Related Content

PPTX
Introduction to FIDO: A New Model for Authentication
FIDO Alliance
ย 
PDF
NTT DOCOMO Deployment Case Study
FIDO Alliance
ย 
PDF
Introduction to the FIDO Alliance
FIDO Alliance
ย 
PDF
FIDO Authentication in Europe the Momentum and Opportunities
FIDO Alliance
ย 
PDF
FIDO Workshop at the Cloud Identity Summit: FIDO Alliance Overview
FIDO Alliance
ย 
PPTX
FIDO & GSMA Mobile Connect
FIDO Alliance
ย 
PDF
The Value of FIDO Alliance Membership
FIDO Alliance
ย 
PDF
FIDO and the Future of User Authentication
FIDO Alliance
ย 
Introduction to FIDO: A New Model for Authentication
FIDO Alliance
ย 
NTT DOCOMO Deployment Case Study
FIDO Alliance
ย 
Introduction to the FIDO Alliance
FIDO Alliance
ย 
FIDO Authentication in Europe the Momentum and Opportunities
FIDO Alliance
ย 
FIDO Workshop at the Cloud Identity Summit: FIDO Alliance Overview
FIDO Alliance
ย 
FIDO & GSMA Mobile Connect
FIDO Alliance
ย 
The Value of FIDO Alliance Membership
FIDO Alliance
ย 
FIDO and the Future of User Authentication
FIDO Alliance
ย 

What's hot (20)

PPTX
Google Case Sudy: Becoming Unphishable: Towards Simpler, Stronger Authenticaton
FIDO Alliance
ย 
PPTX
FIDO Masterclass
FIDO Alliance
ย 
PDF
Microsoft's Path to Passwordless - FIDO Authentication for Windows & Azure Ac...
FIDO Alliance
ย 
PDF
Introduction to FIDO Authentication
FIDO Alliance
ย 
PDF
Deployment Case Study: Login.gov & FIDO2
FIDO Alliance
ย 
PPTX
Google Case Study: Becoming Unphishable
FIDO Alliance
ย 
PDF
Integrating FIDO & Federation Protocols
FIDO Alliance
ย 
PDF
FIDO Authentication and GSMA Mobile Connect
FIDO Alliance
ย 
PDF
Google Case Study: Strong Authentication for Employees and Consumers
FIDO Alliance
ย 
PPTX
Fido Technical Overview
FIDO Alliance
ย 
PDF
Google Case Sudy: Becoming Unphishable: Towards Simpler, Stronger Authenticaton
FIDO Alliance
ย 
PDF
Authentication and ID Proofing in Education
FIDO Alliance
ย 
PPTX
FIDO and Mobile Connect
FIDO Alliance
ย 
PDF
FIDO Alliance Vision and Status
FIDO Alliance
ย 
PPTX
Fido China Working Group (FCWG)
FIDO Alliance
ย 
PPTX
FIDO Specifications Overview
FIDO Alliance
ย 
PPTX
FIDO Authentication: Unphishable MFA for All
FIDO Alliance
ย 
PPTX
Introduction to the FIDO Alliance: Vision & Status
FIDO Alliance
ย 
PDF
Modern Authentication for a Connected World
FIDO Alliance
ย 
PPTX
FIDO - The Value of Membership
FIDO Alliance
ย 
Google Case Sudy: Becoming Unphishable: Towards Simpler, Stronger Authenticaton
FIDO Alliance
ย 
FIDO Masterclass
FIDO Alliance
ย 
Microsoft's Path to Passwordless - FIDO Authentication for Windows & Azure Ac...
FIDO Alliance
ย 
Introduction to FIDO Authentication
FIDO Alliance
ย 
Deployment Case Study: Login.gov & FIDO2
FIDO Alliance
ย 
Google Case Study: Becoming Unphishable
FIDO Alliance
ย 
Integrating FIDO & Federation Protocols
FIDO Alliance
ย 
FIDO Authentication and GSMA Mobile Connect
FIDO Alliance
ย 
Google Case Study: Strong Authentication for Employees and Consumers
FIDO Alliance
ย 
Fido Technical Overview
FIDO Alliance
ย 
Google Case Sudy: Becoming Unphishable: Towards Simpler, Stronger Authenticaton
FIDO Alliance
ย 
Authentication and ID Proofing in Education
FIDO Alliance
ย 
FIDO and Mobile Connect
FIDO Alliance
ย 
FIDO Alliance Vision and Status
FIDO Alliance
ย 
Fido China Working Group (FCWG)
FIDO Alliance
ย 
FIDO Specifications Overview
FIDO Alliance
ย 
FIDO Authentication: Unphishable MFA for All
FIDO Alliance
ย 
Introduction to the FIDO Alliance: Vision & Status
FIDO Alliance
ย 
Modern Authentication for a Connected World
FIDO Alliance
ย 
FIDO - The Value of Membership
FIDO Alliance
ย 
Ad

Viewers also liked (11)

PPTX
Introduction to FIDO Alliance
FIDO Alliance
ย 
PDF
FIDO Authentication for Multifactor Payments
FIDO Alliance
ย 
PDF
NIST 800-63 Guidance & FIDO Authentication
FIDO Alliance
ย 
PDF
FIDO Authentication & Blockchain
FIDO Alliance
ย 
PDF
FIDO Certified Program: Status & Futures
FIDO Alliance
ย 
PDF
FIDO Authentication Opportunities in Healthcare
FIDO Alliance
ย 
PDF
Strong Authentication and US Federal Digital Services
FIDO Alliance
ย 
PDF
FIDO Technical Specifications Overview
FIDO Alliance
ย 
PPTX
Getting to Know the FIDO Specifications - Technical Tutorial
FIDO Alliance
ย 
PDF
Javelin Research 2017 State of Authentication Report
FIDO Alliance
ย 
PDF
FIDO, Federation & Facebook Social Login
FIDO Alliance
ย 
Introduction to FIDO Alliance
FIDO Alliance
ย 
FIDO Authentication for Multifactor Payments
FIDO Alliance
ย 
NIST 800-63 Guidance & FIDO Authentication
FIDO Alliance
ย 
FIDO Authentication & Blockchain
FIDO Alliance
ย 
FIDO Certified Program: Status & Futures
FIDO Alliance
ย 
FIDO Authentication Opportunities in Healthcare
FIDO Alliance
ย 
Strong Authentication and US Federal Digital Services
FIDO Alliance
ย 
FIDO Technical Specifications Overview
FIDO Alliance
ย 
Getting to Know the FIDO Specifications - Technical Tutorial
FIDO Alliance
ย 
Javelin Research 2017 State of Authentication Report
FIDO Alliance
ย 
FIDO, Federation & Facebook Social Login
FIDO Alliance
ย 
Ad

Similar to Protecting IDAAS with FIDO Authentication (20)

PDF
Introduction to the FIDO Alliance
FIDO Alliance
ย 
PDF
The Future of Authentication for IoT
FIDO Alliance
ย 
PDF
โ€œYour Security, More Simple.โ€ by utilizing FIDO Authentication
LINE Corporation
ย 
PDF
Tokyo Seminar: FIDO Alliance Vision and Status
FIDO Alliance
ย 
PDF
FIDO Authentication Technical Overview
FIDO Alliance
ย 
PDF
FIDO Authentication Technical Overview
FIDO Alliance
ย 
PPTX
The State of Passkeys with FIDO Alliance.pptx
LoriGlavin3
ย 
PDF
Beyond Passwords: FIDO and the Future of User Authentication
FIDO Alliance
ย 
PDF
Beyond Passwords: FIDO & the Future of Consumer Authentication
FIDO Alliance
ย 
PPTX
UX Webinar Series: Essentials for Adopting Passkeys as the Foundation of your...
FIDO Alliance
ย 
PPTX
Introduction to FIDO Alliance: Vision and Status -Tokyo Seminar -Brett McDowell
FIDO Alliance
ย 
PPTX
FIDO Munich Seminar Introduction to FIDO.pptx
FIDO Alliance
ย 
PDF
Technical Principles of FIDO Authentication
FIDO Alliance
ย 
PDF
Technical Principles of FIDO Authentication
FIDO Alliance
ย 
PPTX
FIDO Munich Seminar: FIDO Tech Principles.pptx
FIDO Alliance
ย 
PPTX
UX Webinar Series: Drive Revenue and Decrease Costs with Passkeys for Consume...
FIDO Alliance
ย 
PDF
Using FIDO Authenticator for IoT Devices
FIDO Alliance
ย 
PPTX
Intro to Passkeys and the State of Passwordless.pptx
FIDO Alliance
ย 
PDF
Introduction to FIDO Biometric Authentication
FIDO Alliance
ย 
PDF
Eliminating Passwords with Biometrics for Identity Access Management Webinar
Veridium
ย 
Introduction to the FIDO Alliance
FIDO Alliance
ย 
The Future of Authentication for IoT
FIDO Alliance
ย 
โ€œYour Security, More Simple.โ€ by utilizing FIDO Authentication
LINE Corporation
ย 
Tokyo Seminar: FIDO Alliance Vision and Status
FIDO Alliance
ย 
FIDO Authentication Technical Overview
FIDO Alliance
ย 
FIDO Authentication Technical Overview
FIDO Alliance
ย 
The State of Passkeys with FIDO Alliance.pptx
LoriGlavin3
ย 
Beyond Passwords: FIDO and the Future of User Authentication
FIDO Alliance
ย 
Beyond Passwords: FIDO & the Future of Consumer Authentication
FIDO Alliance
ย 
UX Webinar Series: Essentials for Adopting Passkeys as the Foundation of your...
FIDO Alliance
ย 
Introduction to FIDO Alliance: Vision and Status -Tokyo Seminar -Brett McDowell
FIDO Alliance
ย 
FIDO Munich Seminar Introduction to FIDO.pptx
FIDO Alliance
ย 
Technical Principles of FIDO Authentication
FIDO Alliance
ย 
Technical Principles of FIDO Authentication
FIDO Alliance
ย 
FIDO Munich Seminar: FIDO Tech Principles.pptx
FIDO Alliance
ย 
UX Webinar Series: Drive Revenue and Decrease Costs with Passkeys for Consume...
FIDO Alliance
ย 
Using FIDO Authenticator for IoT Devices
FIDO Alliance
ย 
Intro to Passkeys and the State of Passwordless.pptx
FIDO Alliance
ย 
Introduction to FIDO Biometric Authentication
FIDO Alliance
ย 
Eliminating Passwords with Biometrics for Identity Access Management Webinar
Veridium
ย 

More from FIDO Alliance (20)

PPTX
Securing Account Lifecycles in the Age of Deepfakes.pptx
FIDO Alliance
ย 
PPTX
FIDO Seminar: Perspectives on Passkeys & Consumer Adoption.pptx
FIDO Alliance
ย 
PPTX
FIDO Seminar: Evolving Landscape of Post-Quantum Cryptography.pptx
FIDO Alliance
ย 
PPTX
FIDO Seminar: Targeting Trust: The Future of Identity in the Workforce.pptx
FIDO Alliance
ย 
PPTX
FIDO Seminar: New Data: Passkey Adoption in the Workforce.pptx
FIDO Alliance
ย 
PPTX
FIDO Seminar: Authentication for a Billion Consumers - Amazon.pptx
FIDO Alliance
ย 
PPTX
FIDO Alliance Seminar State of Passkeys.pptx
FIDO Alliance
ย 
PPTX
FIDO Munich Seminar: Securing Smart Car.pptx
FIDO Alliance
ย 
PPTX
FIDO Munich Seminar: Strong Workforce Authn Push & Pull Factors.pptx
FIDO Alliance
ย 
PPTX
FIDO Munich Seminar: Biometrics and Passkeys for In-Vehicle Apps.pptx
FIDO Alliance
ย 
PPTX
FIDO Munich Seminar Workforce Authentication Case Study.pptx
FIDO Alliance
ย 
PPTX
FIDO Munich Seminar In-Vehicle Payment Trends.pptx
FIDO Alliance
ย 
PPTX
FIDO Munich Seminar FIDO Automotive Apps.pptx
FIDO Alliance
ย 
PPTX
FIDO Munich Seminar Blueprint for In-Vehicle Payment Standard.pptx
FIDO Alliance
ย 
PPTX
UX Webinar Series: Aligning Authentication Experiences with Business Goals
FIDO Alliance
ย 
PDF
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance
ย 
PDF
FIDO Alliance Osaka Seminar: LY-DOCOMO-KDDI-Mercari Panel.pdf
FIDO Alliance
ย 
PDF
FIDO Alliance Osaka Seminar: NEC & Yubico Panel.pdf
FIDO Alliance
ย 
PDF
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance
ย 
PDF
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance
ย 
Securing Account Lifecycles in the Age of Deepfakes.pptx
FIDO Alliance
ย 
FIDO Seminar: Perspectives on Passkeys & Consumer Adoption.pptx
FIDO Alliance
ย 
FIDO Seminar: Evolving Landscape of Post-Quantum Cryptography.pptx
FIDO Alliance
ย 
FIDO Seminar: Targeting Trust: The Future of Identity in the Workforce.pptx
FIDO Alliance
ย 
FIDO Seminar: New Data: Passkey Adoption in the Workforce.pptx
FIDO Alliance
ย 
FIDO Seminar: Authentication for a Billion Consumers - Amazon.pptx
FIDO Alliance
ย 
FIDO Alliance Seminar State of Passkeys.pptx
FIDO Alliance
ย 
FIDO Munich Seminar: Securing Smart Car.pptx
FIDO Alliance
ย 
FIDO Munich Seminar: Strong Workforce Authn Push & Pull Factors.pptx
FIDO Alliance
ย 
FIDO Munich Seminar: Biometrics and Passkeys for In-Vehicle Apps.pptx
FIDO Alliance
ย 
FIDO Munich Seminar Workforce Authentication Case Study.pptx
FIDO Alliance
ย 
FIDO Munich Seminar In-Vehicle Payment Trends.pptx
FIDO Alliance
ย 
FIDO Munich Seminar FIDO Automotive Apps.pptx
FIDO Alliance
ย 
FIDO Munich Seminar Blueprint for In-Vehicle Payment Standard.pptx
FIDO Alliance
ย 
UX Webinar Series: Aligning Authentication Experiences with Business Goals
FIDO Alliance
ย 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance
ย 
FIDO Alliance Osaka Seminar: LY-DOCOMO-KDDI-Mercari Panel.pdf
FIDO Alliance
ย 
FIDO Alliance Osaka Seminar: NEC & Yubico Panel.pdf
FIDO Alliance
ย 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance
ย 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance
ย 

Recently uploaded (20)

PDF
APNIC Update, presented at PHNOG 2025 by Shane Hermoso
APNIC
ย 
PPTX
Digital Literacy And Online Safety on internet
riksa rifqi
ย 
PDF
The New Creative Director: How AI Tools for Social Media Content Creation Are...
SageTitans
ย 
PDF
Sims 4 Historia para lo sims 4 para jugar
lolpopy34
ย 
PPTX
PptxGenJS_Demo_Chart_20250317130215833.pptx
itruongva
ย 
PPTX
Introuction about ICD -10 and ICD-11 PPT.pptx
naveenithkrishnan
ย 
DOCX
Unit-3 cyber security network security of internet system
shivangisharma636228
ย 
PDF
SASE Traffic Flow - ZTNA Connector-1.pdf
mackwell7777
ย 
PPTX
CHE NAA, , b,mn,mblblblbljb jb jlb ,j , ,C PPT.pptx
sumodmjohn3
ย 
PPTX
Module 1 - Cyber Law and Ethics 101.pptx
anantyakhrisna1
ย 
PDF
WebRTC in SignalWire - troubleshooting media negotiation
Giacomo Vacca
ย 
PDF
๐Ÿ’ฐ ๐”๐Š๐“๐ˆ ๐Š๐„๐Œ๐„๐๐€๐๐†๐€๐ ๐Š๐ˆ๐๐„๐‘๐Ÿ’๐ƒ ๐‡๐€๐‘๐ˆ ๐ˆ๐๐ˆ ๐Ÿ๐ŸŽ๐Ÿ๐Ÿ“ ๐Ÿ’ฐ
GRAB
ย 
PPT
Design_with_Watersergyerge45hrbgre4top (1).ppt
DiogoRibeiro730590
ย 
PDF
Cloud-Scale Log Monitoring _ Datadog.pdf
MuhammadDhomanhuriMa
ย 
PPTX
Slides PPTX World Game (s) Eco Economic Epochs.pptx
Steven McGee
ย 
PPTX
artificial intelligence overview of it and more
yafotin445
ย 
PDF
The Internet -By the Numbers, Sri Lanka Edition
APNIC
ย 
PDF
RPKI Status Update, presented by Makito Lay at IDNOG 10
APNIC
ย 
PDF
Unit-1 introduction to cyber security discuss about how to secure a system
shivangisharma636228
ย 
PDF
Testing WebRTC applications at scale.pdf
Giacomo Vacca
ย 
APNIC Update, presented at PHNOG 2025 by Shane Hermoso
APNIC
ย 
Digital Literacy And Online Safety on internet
riksa rifqi
ย 
The New Creative Director: How AI Tools for Social Media Content Creation Are...
SageTitans
ย 
Sims 4 Historia para lo sims 4 para jugar
lolpopy34
ย 
PptxGenJS_Demo_Chart_20250317130215833.pptx
itruongva
ย 
Introuction about ICD -10 and ICD-11 PPT.pptx
naveenithkrishnan
ย 
Unit-3 cyber security network security of internet system
shivangisharma636228
ย 
SASE Traffic Flow - ZTNA Connector-1.pdf
mackwell7777
ย 
CHE NAA, , b,mn,mblblblbljb jb jlb ,j , ,C PPT.pptx
sumodmjohn3
ย 
Module 1 - Cyber Law and Ethics 101.pptx
anantyakhrisna1
ย 
WebRTC in SignalWire - troubleshooting media negotiation
Giacomo Vacca
ย 
๐Ÿ’ฐ ๐”๐Š๐“๐ˆ ๐Š๐„๐Œ๐„๐๐€๐๐†๐€๐ ๐Š๐ˆ๐๐„๐‘๐Ÿ’๐ƒ ๐‡๐€๐‘๐ˆ ๐ˆ๐๐ˆ ๐Ÿ๐ŸŽ๐Ÿ๐Ÿ“ ๐Ÿ’ฐ
GRAB
ย 
Design_with_Watersergyerge45hrbgre4top (1).ppt
DiogoRibeiro730590
ย 
Cloud-Scale Log Monitoring _ Datadog.pdf
MuhammadDhomanhuriMa
ย 
Slides PPTX World Game (s) Eco Economic Epochs.pptx
Steven McGee
ย 
artificial intelligence overview of it and more
yafotin445
ย 
The Internet -By the Numbers, Sri Lanka Edition
APNIC
ย 
RPKI Status Update, presented by Makito Lay at IDNOG 10
APNIC
ย 
Unit-1 introduction to cyber security discuss about how to secure a system
shivangisharma636228
ย 
Testing WebRTC applications at scale.pdf
Giacomo Vacca
ย 

Protecting IDAAS with FIDO Authentication

  • 1. All Rights Reserved | FIDO Alliance | Copyright 20171 NEOWAVE + TRUSTELEM PROTECTING IDAAS* (WEB/CLOUD SSO*) WITH FIDO U2F * IDAAS: IDENTITY AS A SERVICE SSO: SINGLE SIGN ON
  • 2. All Rights Reserved | FIDO Alliance | Copyright 20172 Deployment Case Study: Trustelem & Neowave Protecting IDAAS with FIDO U2F Gregory Haรฏk, CEO, Trustelem Frederic Martin, Security Architect, NEOWAVE
  • 3. All Rights Reserved | FIDO Alliance | Copyright 20173 FIDO U2F TO PROTECT IDENTITY AS A SERVICE
  • 4. All Rights Reserved | FIDO Alliance | Copyright 20174 NEOWAVE: SMART CARD BASED SECURITY PRODUCTS NEOWAVE mission is to address these issues through strong authentication, encryption and digital signatures based on secure smart card based products. Identity theft (phishing), fraud, data theft and cyber attacks are on the rise
  • 5. All Rights Reserved | FIDO Alliance | Copyright 20175 EASY PHISHING ATTACKS AGAINST SMS CODES User Real website username password SMS username password SMS Send SMS3 1 4 5 2 Fake website or MITM attack
  • 6. All Rights Reserved | FIDO Alliance | Copyright 20176 EASY PHISHING ATTACKS AGAINST OTP / TOTP username password OTP username password OTP OTP generator2 1 3 5 4 User Real websiteFake website or MITM attack
  • 7. All Rights Reserved | FIDO Alliance | Copyright 20177 EASY PHISHING ATTACKS AGAINST SCANNED QR CODE VALIDATION User Real websiteFake website or MITM attack Give access Read QR Code 2 3 1 Validate (wrong) access4 5
  • 8. All Rights Reserved | FIDO Alliance | Copyright 20178 FIDO U2F: SIMPLE / SECURE SOLUTION AGAINST PHISHING ATTACKS 2 โ€“ Data to be signed (challenge, hashed url, etc.) 4 โ€“ Signed Data 3 โ€“ Digital Signature (built-in smart card) 6 โ€“ Signature Verification 1 โ€“ Data to be signed (challenge, hashed url, etc.) 5 โ€“ Signed Data SSL Token Binding MITM protection
  • 9. All Rights Reserved | FIDO Alliance | Copyright 20179 FIDO U2F USB SECURITY KEY PLUG KEYDO SECURITY KEY IN ENTER USERNAME & PASSWORD THATโ€™S IT
  • 10. All Rights Reserved | FIDO Alliance | Copyright 201710 FIDO U2F NFC CARD APPROACH BADGEO NFC CARD THATโ€™S IT ENTER USERNAME & PASSWORD
  • 11. All Rights Reserved | FIDO Alliance | Copyright 201711 TRUSTELEM: IDENTITY AS A SERVICE Company Corporate applications Trustelem enables your IT users to go from one application to another, without the need to re-authenticate. Trustelem manages digital identities of your IT users (IDaaS - Identity-as-a-Service Cloud Single Sign-On, SSO).
  • 12. All Rights Reserved | FIDO Alliance | Copyright 201712 FIDO U2F ADVANTAGES FOR WEB SSO LOGON โ€ข No driver installation requirement โ€ข Web browser built-in support โ€ข Multi-platform / multi-channel protocol โ€ข High security level (built-in smart card) โ€ข Ultimate solution against identity theft
  • 13. All Rights Reserved | FIDO Alliance | Copyright 201713 SIMPLE /SECURE WEB SSO LOGON Password then FIDO U2F
  • 14. All Rights Reserved | FIDO Alliance | Copyright 201714 ALL-IN-ONE USER DASHBOARDS ACCESS PROTECTION Now you donโ€™t have to wait for Microsoft to integrate FIDO U2F authentication :)
  • 15. All Rights Reserved | FIDO Alliance | Copyright 201715 APPLICATIONS ACCESS e.g. facebook workplace
  • 16. All Rights Reserved | FIDO Alliance | Copyright 201716 ADMIN CONSOLE Setup directories, users, apps, permissionsโ€ฆ Logs, deployment audit
  • 17. All Rights Reserved | FIDO Alliance | Copyright 201717 MORE FIDO U2F ADVANTAGES โ€ข FIDO U2F devices are anonymous (no user information, just anonymous keys, association is done on the server side) โ€ข FIDO U2F devices can be filtered, web services can be locked only for our own customized devices (attestation certificate)
  • 18. All Rights Reserved | FIDO Alliance | Copyright 201718 CONCLUSION โ€ข FIDO U2F strongly recommended for Web SSO users and/or administrators โ€ข Secure but easy to use and deploy