
Natural ID: The Case for Replacing Passwords with Biometrics. Markus Jakobsson, Sebastien Taveau. Validity.

Dec 29, 2015


Darcy Norman
Transcript
Page 1

natural id

Markus Jakobsson

Sebastien Taveau

The Case for Replacing Passwords with Biometrics

validity

Page 2

Why? The Use Cases

Page 3

PERSONAL CLOUD

WHERE IS THE WALLET? TWO SCHOOLS OF THOUGHT

• Remote Payment
• Digital Wallet
• Card Not Present
• Alternative Payment Networks

• Proximity Payment
• Mobile Wallet
• Card Present
• Classic Payment Networks

Page 4

PERSONAL CLOUD

Megatrend No. 1:

Consumerization — You Ain’t Seen Nothing Yet

Megatrend No. 2:

Virtualization — Changing How the Game Is Played

Megatrend No. 3:

“App-ification” — From Applications to Apps

Megatrend No. 4:

The Ever-Available Self-Service Cloud

Megatrend No. 5:

The Mobility Shift — Wherever and Whenever You Want

Gartner: http://www.wired.com/cloudline/2012/03/personal-cloud-2014/

Page 5

BYOD: Bring Your Own Device

BEYOND INDIVIDUALS, CORPORATE IT MUST ADAPT

BYOD

Page 6

BYOD: Bring Your Own Device

Page 7

BYOD: Bring Your Own Device

Page 8

THE PROBLEM: FRAUD AND UNAUTHORIZED ACCESS

Malware

Phishing

Friendly Fraud

Access to secure area is limited

Without password to steal, phishing is eliminated

My kids know my iPad PIN but can’t swipe my finger

Page 9

validity

How? The tech options

Page 10

Natural Authentication Computed Authentication

Two Methods: Who You Are & What You Know

Page 11

Natural Authentication

Computed Authentication

Value proposition to mobile ecosystem

Device Authentication User Authentication

Page 12

TEE SCENARIO 1

[Diagram: Normal World and Secure World. Labels: Secure OS, MONITOR, FPS, Application Profile, Vault Trustlet, Trust Credential Engine, + Security]

Page 13

TEE SCENARIO 2

[Diagram: Normal World and Secure World. Labels: Secure OS, MONITOR, FPS, Application Trustlet, Secure Storage, Application Profile, Vault Trustlet]

Page 14

TEE SCENARIO 3

[Diagram: Normal World and Secure World. Labels: Secure OS, MONITOR, FPS, Application Trustlet, Encrypted Vault Security, Application Profile Trustlet]

Page 15

SECURITY IN A NUTSHELL

Malware

Phishing

Friendly Fraud

Secure area has processor and storage.

Biometrics and credentials encrypted outside secure area. Restricted API to secure area.

Nothing to steal!

No typed credentials, except special cases – this limits exposure.

“You cannot give out what you do not know.”

My kids know my iPad PIN but can’t swipe my finger.

Easy to create and remove guest accounts.

Executive summary: a secure password manager with secure access.

New device / failed authentication / coerced authentication – see paper.

Page 16

THE NEW SECURITY AROUND PAYMENTS

WHO YOU ARE

WHERE YOU ARE

Page 17

THANK YOU
