FIDO-Based Next Generation Certification Services Development Model
Kim Tae-jin: Executive Director, Product Development
Raonsecure Co. Ltd.
2016. 12
- 2 - Copyright(c)2016 by RAONSECURE
FIDO – Authentication Flow
FIDO – Market Situation
FIDO Specification & Certification Program
Expanded B2C / B2B Services
Fingerprint-based mobile banking app; first Korean bank to adopt system built to FIDO specification
The first banking case in Korea
Busan Bank app focuses on convenient / secure authentication with FIDO
Introduced to Financial Sector
FIDO Alliance
2012.07 Alliance established
FIDO Spec 1.0
Interoperability verification
FIDO Spec 2.0 in development
2014.12 FIDO spec v.1.0 released
2015.04 Certification program launched
Money 20/20
FIDO
• USB
• NFC
• Bluetooth LE
PC Environment
Add / Expand
• SAML / OAuth
• FDS
• OOB (2Channel)
Non-FIDO
Biometric
Bio authentication
Various biometric
• Face
• Voice
• Signature
• Pattern
3rd party
KFTC – compatible
Samsung Pay /
Samsung Pass
U2F Fingerprint
Certificate
Authentication
Various biometric
Fusion of authentication methods
Ensure versatility & security
Manufacturer Authenticator
Legacy Extension
Ext Interface
S/W Authenticator
OMS Interface
Easy to integrate various authenticators
Standard interface required
B2C
Register
Verify ID
Login
Easy login
eSign
PW-less eSignature
Transaction
Confirm ID
Auditing
Log management
B2C – Easy registration & easy ID verification
Authentication
Service Customer Authority
B2C - 3rd Party
diversified
management
FIDO Client
FIDO Server
3rd Party authentication Channel
verification Channel
B2C - Password-less eSignature
Bank Securities Shopping Public
Electronic signature
Request verification
Certificate
Agency
Password-less certificate verification becomes available by changing only the client
No need for additional process – immediate use
Management – Policy & Auditing
B2B
Mobile office
EP / ERP / e-mail VDI
SAC
Evolution of Certificate System
Financial Inst.
KFTC certificate link
KFTC
Dist. Mgmt. system
KFTC
Cert.
External auth. service link
Future Services
Manufacture / telco
portal site
Legacy Auth.
ID/PWD
OTP
PKI
FIDO Auth.
Auth. Service
Auth.
Service
Group / Company
External authentication service interface
ID/PWD
OTP
PKI
FIDO
Auth. Area Integrated Mgmt Service Area
Bank
Card
Capital
Securities
…
Financial services
Auth. linkage
Int. Mgmt.
• Confidence
• Security rating
• Auth. management
• Extensible
Cloud-based
Multi-tenant
Self-provisioning / flexible combination of auth. services
Evolution of Certificate System
Evolution of Certificate System
Tel. 02-561-4545 / Fax. 02-561-5343
Contact: Richard Kim, Director / [email protected]: Jason Burnett, Manager / [email protected]
Thank you.
This document is copyrighted by Raonsecure Co. Ltd. All rights reserved. Do not redistribute.
USIM Smart Auth.: www.usimcert.com
Mobile Device Management: touchen.raonsecure.com
WhiteHat Center: whitehat.co.kr
FIDO biometric auth.: raonsecure.com/onepass