FIDO Seminar: Authentication for a Billion Consumers - Amazon.pptx
Download as PPTX, PDF•0 likes•528 views
FIDO Seminar: Authentication for a Billion Consumers - Amazon
FIDO Seminar: Authentication for a Billion Consumers - Amazon.pptx
- 1. © FIDO Alliance 2025 1 1 © FIDO Alliance 2025 Authentication for a Billion Consumers Mike Slaugh Principal Security Engineer
- 2. © FIDO Alliance 2025 2 Scaling leads to more … Users 123456 Authenticators Complexity
- 3. © FIDO Alliance 2025 3 3 © FIDO Alliance 2025 How do you scale an authentication system to a billion users?
- 4. © FIDO Alliance 2025 4 Scaling leads to more … Users 123456 Authenticators Complexity Custom er Experience Sim plify Choice
- 5. © FIDO Alliance 2025 5 #1 Customer Experience
- 6. © FIDO Alliance 2025 6 Two Roles in Authentication Systems Security Owner Experience Owner
- 7. © FIDO Alliance 2025 7 FRESH Security Certified
- 8. © FIDO Alliance 2025 8 FRESH Experience Certified
- 9. © FIDO Alliance 2025 9
- 10. © FIDO Alliance 2025 10 FRESH Security Certified FRESH Experience Certified
- 11. © FIDO Alliance 2025 11 Combine Roles? ?
- 12. © FIDO Alliance 2025 12 Considerations for Customer Obsession Create a step-by-step experience to guide your customers through the authentication process Authenticate customers at one time. Avoid constantly redirecting the user back for more authentication Simple Create defaults and preferences based on historical usage Predict which authentication methods apply to the customer and have them ready Applicable Eliminate confusing terms and phrases that may only be meaningful only in certain languages or cultures. Accommodating
- 13. © FIDO Alliance 2025 13 #2 Simplify
- 14. © FIDO Alliance 2025 14 Authentication Taxonomy Verify An establishment of trust in an identity claim that facilitates downstream activities and events. Enroll An agreement between parties of the credentials that will be used going forward. Recover An event when a user no longer has access to the previously agreed upon credentials and needs another way to access their account. Authenticate A ceremony where credentials are presented and validated to quickly and easily reverify the user’s identity
- 15. © FIDO Alliance 2025 15 Authenticator of Choice A1 A2 ID + AuthN Know • Password • PIN • Passphrase Have • Security Keys • Smart Card • One Time Codes • Device Recognition • TOTP • Authenticator Apps • Digital Certificate • Device Bound Passkey Are Biometrics • Touch • Face • Voice • User Name • Email Address • Phone Number • Customer Number Allow users to have multiple options and let them choose based on current situation Identifier Authentication • Multifactor Authentication • Single factor Authentication + =
- 16. © FIDO Alliance 2025 16 #3 Choice
- 17. © FIDO Alliance 2025 17 Which Authenticators should you use? 1 2 3 4 5 6 Trust Thresholds should determine which authenticators the program will support Authenticator High Trust Med Trust Security
- 18. © FIDO Alliance 2025 18 Login Please sign in to continue. Email [email protected] Don’t have an account? Sign Up Remember me NEXT Verify Please choose a verification method Password Passkey Send a code to my phone Use an authenticator app More Options? NEXT Password Please enter your password Password LOGIN
- 19. © FIDO Alliance 2025 19 Trust Matrix • Choose Authenticators that are high trust • Don’t allow combination of lower trust authenticators A1 A2 High Med High Med Trust Thresholds should determine which authenticators the program will support
- 20. © FIDO Alliance 2025 20 In Summary … Build experiences based on customer needs 1 Simplify the complexity of the ecosystem 2 Provide several options to authenticate 3
- 21. © FIDO Alliance 2025 21 21 © FIDO Alliance 2025 Thank you
Editor's Notes
- #2: Users Edge cases become use cases Different markets will have different capabilities Complexity Complexity is the enemy of scaling Authenticators There is no “one authenticator” rule them all