© FIDO Alliance 2024 Confidential
FIDO Automotive Applications
July 2024
Andrew Shikiar, FIDO Alliance
David Turner, FIDO Alliance

What is the FIDO Alliance?
The FIDO Alliance is an open industry association with a focused mission: reduce the world’s reliance on passwords.
To accomplish this, the FIDO Alliance promotes the development and use of, and compliance with, standards for authentication and device attestation.

Backed by global tech leaders
+ Sponsor members + Associate members + Liaison members + Government members

The FIDO Alliance works to fulfill its mission through…
• Technical Specifications: Define an open, scalable, interoperable set of mechanisms that reduce the reliance on passwords
• Industry Certification Programs: Ensure interoperability, security and usability of products, services and components
• Market Adoption Programs: Promote the use of FIDO globally to drive adoption and education

What is a passkey?
Passkey /’pas, kē/ noun
Passkeys are a password replacement based on FIDO protocols that provide faster, easier, more secure sign-ins to online services.
A passkey may be synced across a secure cloud so that it’s readily available on all of a user’s devices, or it can be bound to a dedicated device such as a FIDO security key.
Passkeys are 4x simpler to use since they don’t need to be remembered or typed. You just use your fingerprint, face scan, or screen lock to sign in across all your devices and platforms. (Source: Google)

Passkey adoption by the numbers
• 20% of the world’s top 100 websites and services
• 12% of the world’s top 250 websites and services
• More than 13B accounts can now leverage passkeys for sign in
• 96%+ of active browsers
• 98%+ of mobile devices
(Since October 2022)

FIDO Device Onboarding (FDO) simplifies Software Defined Vehicle (SDV):
Why FIDO for automotive?
How FIDO solves these challenges
• Passkeys: Eliminating risks and poor UX associated with passwords
• FIDO Device Onboard (FDO): Simpler, faster and more secure onboarding of devices
• Applicable for manufacturing and in-car use – also for after-market
Technical Specifications, Industry Certification Programs, Market Adoption Programs:
• Passkey and FDO Certification Programs: Ensure product interoperability and conformance to respective FIDO specifications
• Biometric Component Certification: Assess the performance of biometric products for various modalities (fingerprint, face, voice, iris)
• For all specs and certification programs:
  • Identification of vertical and horizontal requirements
  • Deployment guidelines and community support
  • Implementation guidance and best practices
  • Global in-person and virtual events

Simplest and fastest way to sign-in
Passkeys are 4x simpler to use since they don't need to be remembered or typed. With a fingerprint, face scan, or screen lock, users can sign in across all their devices and platforms.

How Passkeys Work
A passkey has 2 parts: the user's private key that corresponds to their devices, and a public key on the server to authenticate with the service provider.
When a user signs in, the service provider checks to see if the public key matches the user's private key.
To verify their identity with the service provider, the user is prompted to unlock their device with their private passkey.
The private key is private to the user and is not visible to their credential manager or the service they are signing into.
Source: https://fidoalliance.org/how-fido-works/

Sample passkey usage in automotive
• Private key stored in infotainment system
• Public key stored in Cloud
• Passkeys are based on Public Key Cryptography – a private and public key that are mathematically linked
1. Driver requests to login
2. Cloud asks driver to confirm they want to login (fingerprint, face, etc.)
3. Website checks to see if Private key and Public key match
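
The "match" check in "How Passkeys Work" and in the three-step automotive flow above is, in practice, a signature verification over a fresh server challenge. The following is an added example, not part of the presentation or any FIDO Alliance code: a simplified model of a WebAuthn-style assertion using Node's built-in crypto module. The relying-party ID, origins and function names are constructed, and CBOR encoding and attestation are omitted.

```javascript
// Added example: simplified passkey sign-in model; all names are constructed.
const nodeCrypto = require('node:crypto');

const RP_ID = 'cloud.oem.test';            // constructed relying-party ID
const ORIGIN = 'https://cloud.oem.test';   // constructed service origin
const sha256 = (d) => nodeCrypto.createHash('sha256').update(d).digest();

// Registration: the key pair is created on the device (e.g. the infotainment
// system); only the public key is stored by the cloud service.
function register() {
  const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
  return { device: { privateKey }, server: { publicKey, pending: new Set() } };
}

// Step 1 (server): issue a fresh, single-use random challenge.
function newChallenge(server) {
  const challenge = nodeCrypto.randomBytes(32).toString('base64url');
  server.pending.add(challenge);
  return challenge;
}

// Step 2 (device): after the user unlocks the device, sign
// authenticatorData || SHA-256(clientDataJSON), as a WebAuthn assertion does.
function signIn(device, challenge, origin) {
  const clientDataJSON = Buffer.from(JSON.stringify({ type: 'webauthn.get', challenge, origin }));
  const rpIdHash = sha256(new URL(origin).hostname);
  // flags 0x05 = user present | user verified; 4-byte signature counter = 0
  const authData = Buffer.concat([rpIdHash, Buffer.from([0x05]), Buffer.alloc(4)]);
  const signed = Buffer.concat([authData, sha256(clientDataJSON)]);
  return { clientDataJSON, authData, signature: nodeCrypto.sign('sha256', signed, device.privateKey) };
}

// Step 3 (server): the "match" is a signature check with the stored public
// key, after binding the response to this challenge and this site.
function verifyAssertion(server, a) {
  const cd = JSON.parse(a.clientDataJSON.toString());
  if (cd.type !== 'webauthn.get') return 'bad-type';
  if (!server.pending.delete(cd.challenge)) return 'stale-challenge';
  if (cd.origin !== ORIGIN) return 'wrong-origin';
  if (!a.authData.subarray(0, 32).equals(sha256(RP_ID))) return 'wrong-rp-id';
  if ((a.authData[32] & 0x04) === 0) return 'user-not-verified';
  const signed = Buffer.concat([a.authData, sha256(a.clientDataJSON)]);
  return nodeCrypto.verify('sha256', signed, server.publicKey, a.signature) ? 'ok' : 'bad-signature';
}

// Runs the flow plus three failure cases and returns the server's decisions.
function demo() {
  const { device, server } = register();
  const good = signIn(device, newChallenge(server), ORIGIN);
  const otherDevice = register().device;   // holds a different private key
  const elsewhere = signIn(device, newChallenge(server), 'https://lookalike.test');
  const foreign = signIn(otherDevice, newChallenge(server), ORIGIN);
  return {
    genuine: verifyAssertion(server, good),
    replayed: verifyAssertion(server, good),   // same response presented twice
    otherSite: verifyAssertion(server, elsewhere),
    wrongKey: verifyAssertion(server, foreign),
  };
}
console.log(demo());
```

The private key never leaves the `device` object; the server decides using only the stored public key, the challenge it issued and the origin it expects.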

Passkeys as part of in-car payment authentication
• Secure, reliable & easy-to-use payment authentication is key for in-car commerce
• Fuel, convenience items, toll fees, etc.
• FIDO in payment solutions is primarily for Secure Customer Authentication.
• SCA mobile digital banking, 3DS SCA, and delegated authentication respectively.
• FIDO Board Members include Visa, American Express, Mastercard
[Figure: Participants in remote transactions]

FIDO Device Onboard (FDO)
• Zero touch onboarding – integrates with existing zero touch solutions
• Fast & more secure – ~1 minute
• Hardware flexibility – any hardware - ARM MCU to Intel® Xeon®
• Any cloud – internet, intranet & closed network, multi-tenant
• Late binding – reduces number of product SKUs needed
• Multiple implementations – 5 implementations in various programming languages
• Certification program – Available from FIDO Alliance
Fast, Scalable Device Provisioning, Onboarding & Activation (ECU)
1. Drop ship device to installation location
2. Power-up & connect to Network
3. Auto-provisions, Onboards to Zone Controller
Footnote 1: No product or component can be absolutely secure

FIDO Certification Programs
Industry Certification Programs: Ensure interoperability, security and usability of products, services and components
User Authentication
• Functional Certification
• Authenticator Level Certification
Identity Verification
• Face Verification Certification
• Document Authenticity Certification
Biometric Components
• Biometric Component Certification
Device Onboarding
• FIDO Device Onboard Certification

FIDO User Authentication Program
Functional
Certification
Security
Evaluation
Authenticator
Certification
Functional
Certification
Security
Evaluation
Server
Certification

Authenticator Certification Security Levels
Level 1
• Basic authenticator security
• Software based solutions
Level 2
• Adds Allowed Restricted Operating Requirement (AROE)
• Increased assurances based on the AROE
Level 3
• All requirements of level 1 and 2, with added assurances related to hardware protections
• Companion Program required

Biometric Component Certification
• Certifies the efficacy of biometric subsystems, including:
  • End-to-end performance
  • Differential assessment of demographic groups
  • Presentation attack detection (PAD)
• Independent validation of biometric performance.
• No need to maintain own program for evaluating biometric products.
• Requirements developed by a diverse, international group of stakeholders from industry, government, and subject matter experts.
• Evaluation conforms to ISO standards around biometric evaluation.
• Complements FIDO Authenticator Certification at Level 2 Security and is mandatory at Level 3/L3+ Security Certification.

FIDO fit for Application Authentication
• User authentication for in-car purchases, e.g., EV charging
• Ensures strong performance of biometric components for in-vehicle services
• Passwordless access to mobile apps

FIDO fit for Workforce Authentication
FIDO Certified authentication/passkeys for workforce authentication
[Diagram labels: Cloud; Local Server; FIDO Passkey Authentication; FIDO Device Onboarding]

FIDO fit for Automotive Manufacturing
• FIDO Certified Device Onboarding of PLCs
• FIDO Certified Device Onboarding of Robotics
• FIDO Certified Device Onboarding of server to cloud
[Diagram labels: Manufacturing; Cloud; Local Server; Soft PLCs/Motion control]

FIDO fit for In-vehicle Systems
• FIDO Device Onboarding to Cloud for firmware updates
• FIDO Device Onboarding to onboard ECUs and Zone Controllers
• FIDO Standards Support OEM and/or Authorized 3rd party components management
[Diagram labels: Vehicle computer; Zone controller; ECU (x3)]

Why adopt FIDO standards?
1. Open standards benefit from collective security expertise.
2. They adapt to emerging security threats.
3. Members can enhance standards to meet new use cases over time.
4. It streamlines the process of analyzing system security.
5. Maintenance is managed by open source or commercial entities, not users.
6. Proprietary systems may face support issues if experts leave.
7. FIDO certification tests ensure solutions from various vendors work together.

Summary
Passkeys eliminate the risk and friction of passwords – enabling user-friendly MFA in a single gesture.
· Passkey support in all major consumer operating systems and browsers
· Several automotive apps already leverage passkeys for sign-in (BMW, Toyota).
Biometric certification complements passkeys for in-car personalization and payments.
FDO can be broadly applied in manufacturing and in-car
· Already being used by manufacturing companies such as ExxonMobil
Certification drives interoperability, security and performance
Extensible standards
· If automotive use cases aren’t fully addressed by current FIDO standards and programs, stakeholders can engage with the Alliance to add to the roadmap.
Read the FIDO Alliance Case Study: Toyota Motor Corporation turns to FIDO Authentication for Enhanced Login in Japan.
https://fidoalliance.org/toyota-motor-corporation-turners-to-fido-authentication-for-enhanced-login-in-japan-2

Thank you
