A PERSPECTIVE ON BIOMETRICS
FEBRUARY 2017

Rajiv Dholakia, VP Products [email protected]

A PERSPECTIVE ON BIOMETRICS · Biometrics are pervasive & ubiquitous Consumers voting with their $$$ to use devices & services that are biometrically enabled Use Cases Expanding Rapidly

Apr 26, 2020


AGE OF UBIQUITOUS BIOMETRICS 2017-2022

NOK NOK LABS

Server Side Biometric Match

Border/Perimeter Control Applications, Surveillance Systems

Client Side Uni-Modal Biometrics for Device Unlock

Client Side Uni-Modal Biometrics for Device & Cloud Service Access on Mobile

Client Side Multi-Modal, Mobile, Wearable & Card based for Physical, IoT & Cloud Services

Client & Server Side Multi-Modal, Mobile, Wearable & Card based for Physical & Cloud Services, Sensor Surround for Continuous Authentication

Recognition to Authentication

Biometrics are pervasive & ubiquitous

Consumers voting with their $$$ to use devices & services that are biometrically enabled

Use Cases Expanding Rapidly

FIDO is preferred framework to tie both biometrics & non-biometric authenticators together

BIOMETRICS: A GIFT FROM THE DEVICE MAKERS & BIOMETRIC VENDORS

DEVICES ARE RICH IN AUTHENTICATION CAPABILITIES, CONSUMERS COME TRAINED, PREFER OVER PASSWORDS

Camera

Fingerprint Sensor

Microphone

Secure Execution

Secure Storage

Location

Motion, Heartbeat, etc.

M8

Face Recognition

Fingerprint Recognition

Voice Recognition

Tap

Cardiac Rhythm


Should we pick winners or leave it to Darwin?


MANAGING DIVERSITY OF BIOMETRIC METHODS

WHICH BIOMETRIC METHOD WILL REPLACE PASSWORDS?


Nok Nok Labs pioneered an industry movement of 250+ companies (including major government agencies and technology alliances) that agree with our vision and expand the market for our software products – the FIDO Alliance

With industry and government leaders that include:

Government regulations for banking, payments and health care are driving enterprises to abandon the use of passwords

Industry alliances are cooperating to create alternatives to reliance on passwords

End users are rapidly adopting new authentication technologies such as fingerprint sensors, speaker recognition, face recognition and smart tokens, etc., that enable the elimination of passwords

NO SINGLE BIOMETRIC MODALITY WILL REPLACE PASSWORDS

Industry needs a framework for flexible authentication

FIDO DOES BIOMETRICS REALLY WELL

AUTHENTICATION THAT CAN GO FROM SILICON TO THE CLOUD

Hardware Integrity

OS Integrity

App Integrity

Network Integrity

User Integrity & Consent

Easy for Users, Easy for Developers, Easy for IT Operators

Completing The Chain of Trust

PROPRIETARY & CONFIDENTIAL

BIOMETRICS ON THE SPECTRUM

ENABLING MULTIFACTOR AUTHENTICATION

Something I Know

Something I Have

Something I Have + Something I Know

Or

Something I Have, Who I am

Or

[Something I Have, Who I am] x2…

Tap

Touch


CHALLENGES ORIENTING TO A NEW TECHNOLOGY

Understanding biometrics deeply and designing a solution


BIOMETRICS: DESIGN, EFFECTIVENESS & SECURITY CHALLENGES


[email protected] Johnson

What you mean it’s a probabilistic match?

I’d like a copy of the fingerprint for my server as well…

It’s PII or isn’t it?

Why does Apple’s matching model differ from Android from Microsoft?

Rubber fingers, rubber fingers, hair-on-fire


MASTERING BIOMETRIC AUTHENTICATION: BEST PRACTICES

Recognition or Authentication? What’s at stake? Consent?

Active or Passive? Single or Multi-Modal? Recovery? Lifecycle model?

Documented Threat Model? How are templates & matcher protected? Attack vectors?

Failure modes, Predictability, Operational variations?

Is there PII? Who owns the biometric?

Operating multiple authentication silos or standards-based approach?

• Run a POC
• Develop a framework for use (beware shiny objects)
• Build a 3-5 year roadmap
• Consider a standards-based approach with FIDO

ATTACKS MITIGATED

Threat Model For Fingerprint Sensors

Scalable attacks

(1) Remotely attacking central servers: steal data for impersonation

(2) Remotely attacking lots of user devices: steal data for impersonation

(3) Remotely attacking lots of user devices: misuse them for impersonation

(4) Remotely attacking lots of user devices: misuse authenticated sessions

Not Scalable

(5) Physically attacking user devices: steal data for impersonation

(6) Physically attacking user devices: misuse them for impersonation

Physical attacks possible on lost or stolen devices (≈3% in the US in 2013)

User Coercion

With hardening of FPS Authenticator Implementations – mitigate remote/scalable attacks

CONFIDENCE NOT FEAR


BIOMETRICS & MOBILE CONNECT

MOBILE CONNECT LEVERAGES FIDO TO EXPAND THE SET OF AUTHENTICATORS

BIOMETRICS SNAP INTO FIDO FRAMEWORK – EASY FOR DEVELOPERS, IT OPERATOR

Federation

Authentication

User Management

Identity Proofing (going from physical to digital identity)

Existing MNO KYC processes

Existing MNO CRM databases

Network-based authenticators (USSD, SIM applet etc.)

User Authentication

Mobile Connect is an Identity Framework

FIDO provides Authentication Framework for Device-Based Authenticators

FIDO is an Authentication Framework


FIDO UAF protocol

Mobile phone with MC App + FIDO SDK

AuthN server

MNO

Tablet/desktop

Service access request

Service Provider

Authentication request

Identity GW

First mile

Second mile

SIM applet protocol (CPAS8)

AuthN server

SIM applet

MOBILE CONNECT HIGH LEVEL ARCHITECTURE WITH FIDO

FIDO INTEGRATES AS OPTIONAL AUTHENTICATOR SUBSYSTEM

FIDO AuthN Server or Service

BIOMETRICS & BUSINESS STRATEGY


THE BATTLE FOR CUSTOMER EXPERIENCE & THE CLOUD

Apple on their vision for iTouch (much more than a sensor)
• https://www.youtube.com/watch?v=U2MTLNfCZBQ

NTT DOCOMO Demo Videos:
• https://www.youtube.com/watch?v=QzM4PpXEqP8 [Fall 2015]

PayPal Video
• http://youtu.be/L2xAk0aHBsI

How it Works:
• https://www.youtube.com/watch?v=YcfGlLrSzQw

Biometrics in particular & authentication in general are becoming a strategic weapon for dominance in cloud services


BIOMETRICS: LEADERS FORGING AHEAD, SEEING STUNNING BENEFITS


[email protected] Johnson

BIOMETRIC AUTHENTICATION: A BUSINESS PERSPECTIVE

FRICTIONLESS AUTHENTICATION, PERSONALIZED TRANSACTIONS

Leaders are:
• Delighting customers
• Increasing ARPU
• Locking down security
• Creating seamless customer experiences across their ecosystem for strategic advantage in cloud services and IoT

FIN
