Upload File

a perspective on biometrics · biometrics are pervasive & ubiquitous consumers voting with...

  • Home
  • Documents
  • A PERSPECTIVE ON BIOMETRICS · Biometrics are pervasive & ubiquitous Consumers voting with their $$$ to use devices & services that are biometrically enabled Use Cases Expanding Rapidly
19
A PERSPECTIVE ON BIOMETRICS FEBRUARY 2017 Rajiv Dholakia, VP Products [email protected] 1

Upload: others

Post on 26-Apr-2020

7 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: A PERSPECTIVE ON BIOMETRICS · Biometrics are pervasive & ubiquitous Consumers voting with their $$$ to use devices & services that are biometrically enabled Use Cases Expanding Rapidly

A PERSPECTIVE ON BIOMETRICSFEBRUARY 2017

Rajiv Dholakia, VP Products [email protected]

1

mailto:[email protected]
Page 2: A PERSPECTIVE ON BIOMETRICS · Biometrics are pervasive & ubiquitous Consumers voting with their $$$ to use devices & services that are biometrically enabled Use Cases Expanding Rapidly

AGE OF UBIQUITOUS BIOMETRICS 2017-2022

2NOK NOK LABS

Server SideBiometric Match

Border/Perimeter Control Applications, Surveillance

Systems

Client Side Uni-Modal Biometrics for Device

Unlock

Client Side Uni-Modal Biometrics for Device

& Cloud Service Access on Mobile

Client Side Multi-Modal, Mobile,

Wearable & Card based for Physical, IoT

& Cloud Services

Client & Server Side Multi-Modal, Mobile,

Wearable & Card based for Physical &

Cloud Services, Sensor Surround for Continuous

Authentication

Reco

gniti

on to

Aut

hent

icat

ion Biometrics are pervasive & ubiquitous

Consumers voting with their $$$ to use devices & services that are biometrically enabled

Use Cases Expanding Rapidly FIDO is preferred framework to tie both biometrics

& non-biometric authenticators together

Page 3: A PERSPECTIVE ON BIOMETRICS · Biometrics are pervasive & ubiquitous Consumers voting with their $$$ to use devices & services that are biometrically enabled Use Cases Expanding Rapidly

BIOMETRICS: A GIFT FROM THE DEVICE MAKERS & BIOMETRIC VENDORSDEVICES ARE RICH IN AUTHENTICATION CAPABILITIES, CONSUMERS COME TRAINED, PREFER OVER PASSWORDS

3

Camera

Fingerprint Sensor

Microphone

Secure Execution

Secure Storage

LocationMotion, Heartbeat, etc.M8

Face Recognition

FingerprintRecognition

VoiceRecognition

Tap

Cardiac Rhythm

NOK NOK LABS

Should we pick winners or leave it to Darwin?

Page 4: A PERSPECTIVE ON BIOMETRICS · Biometrics are pervasive & ubiquitous Consumers voting with their $$$ to use devices & services that are biometrically enabled Use Cases Expanding Rapidly

MANAGING DIVERSITY OF BIOMETRIC METHODS

WHICH BIOMETRIC METHOD WILL REPLACE PASSWORDS?

4NOK NOK LABS

Page 5: A PERSPECTIVE ON BIOMETRICS · Biometrics are pervasive & ubiquitous Consumers voting with their $$$ to use devices & services that are biometrically enabled Use Cases Expanding Rapidly

NOK NOK LABS5

Nok Nok Labs pioneered an industry movement of over 250+ companies (including major government agencies and technology alliances) that agree with our vision and expand the market for our software products – the FIDO Alliance

With industry and government leaders that include :

Government regulation for banking, payments and health care are driving enterprises to abandon the use of passwords

Industry alliances are cooperating to create alternatives to reliance on passwords

End users are rapidly adopting new authentication technologies such as fingerprint sensors, speaker recognition, face recognition and smart tokens, etc., that enable the elimination of passwords

NO SINGLE BIOMETRIC MODALITY WILL REPLACE PASSWORDS

Industry needs a framework for flexible authentication

Page 6: A PERSPECTIVE ON BIOMETRICS · Biometrics are pervasive & ubiquitous Consumers voting with their $$$ to use devices & services that are biometrically enabled Use Cases Expanding Rapidly

FIDO DOES BIOMETRICS REALLY WELLAUTHENTICATION THAT CAN GO FROM SILICON TO THE CLOUD

6

Hardware Integrity

OS Integrity

App Integrity

Network Integrity

User Integrity & Consent

Easy for Users, Easy for Developers, Easy for IT Operators

Completing TheChain of Trust

PROPRIETARY & CONFIDENTIALNOK NOK LABS

http://www.samsung.com/
http://www.samsung.com/
Page 7: A PERSPECTIVE ON BIOMETRICS · Biometrics are pervasive & ubiquitous Consumers voting with their $$$ to use devices & services that are biometrically enabled Use Cases Expanding Rapidly

BIOMETRICS ON THE SPECTRUMENABLING MULTIFACTOR AUTHENTICATION

7NOK NOK LABS

Something I Know

Something I Have

Something I Have+

Something I Know

Or

Something I Have, Who I am

Or

[Something I Have, Who I am]

x2…

TapTouch

Page 8: A PERSPECTIVE ON BIOMETRICS · Biometrics are pervasive & ubiquitous Consumers voting with their $$$ to use devices & services that are biometrically enabled Use Cases Expanding Rapidly

CHALLENGES ORIENTING TO A NEW TECHNOLOGY

Understanding biometrics deeply and designing a solution

8NOK NOK LABS

Page 9: A PERSPECTIVE ON BIOMETRICS · Biometrics are pervasive & ubiquitous Consumers voting with their $$$ to use devices & services that are biometrically enabled Use Cases Expanding Rapidly

BIOMETRICS: DESIGN, EFFECTIVENESS & SECURITY CHALLENGES

NOK NOK LABS 9

[email protected] Johnson

What you mean it’s a probabilistic match?

I’d like a copy of the fingerprint for my server as well…

It’s PII or isn’t it?

Why does Apple’s matching model differ from Android from Microsoft?

Rubber fingers, rubber fingers, hair-on-fire

Page 10: A PERSPECTIVE ON BIOMETRICS · Biometrics are pervasive & ubiquitous Consumers voting with their $$$ to use devices & services that are biometrically enabled Use Cases Expanding Rapidly

MASTERING BIOMETRIC AUTHENTICATION: BEST PRACTICES

10NOK NOK LABS

Recognition or Authentication? What’s at stake? Consent?

Active or Passive? Single or Multi-Modal?Recovery? Lifecycle model?

Documented Threat Model? How are templates & matcher protected? Attack vectors?

Failure modes, Predictability,Operational variations?

Is there PII? Who owns the biometric?

Operating multiple authentication silos or standards-based approach?

Run a POC Develop a framework for use (beware shiny objects) Build a 3-5 year roadmap Consider a standards-based approach with FIDO

Page 11: A PERSPECTIVE ON BIOMETRICS · Biometrics are pervasive & ubiquitous Consumers voting with their $$$ to use devices & services that are biometrically enabled Use Cases Expanding Rapidly

ATTACKSMITIGATED

Remotely attacking central servers steal data for impersonation

1

Physically attacking user devices misuse them for impersonation

6

Physically attacking user devicessteal data for impersonation

5

Remotely attacking lots of user devices

steal data for impersonation

Remotely attacking lots of user devices

misuse them for impersonation

Remotely attacking lots of user devices

misuse authenticated sessions

2 3 4Sc

alab

le a

ttac

ks

Physical attacks possible on lost orstolen devices(≈3% in the US in 2013)

User Coercion

Not

Sca

labl

eWith hardening of FPSAuthenticator Implementations – mitigate remote/scalable attacks

Threat Model For Fingerprint Sensors

NOK NOK LABS 11

CONFIDENCENOT FEAR

Page 12: A PERSPECTIVE ON BIOMETRICS · Biometrics are pervasive & ubiquitous Consumers voting with their $$$ to use devices & services that are biometrically enabled Use Cases Expanding Rapidly

BIOMETRICS & MOBILE CONNECT

12NOK NOK LABS

Page 13: A PERSPECTIVE ON BIOMETRICS · Biometrics are pervasive & ubiquitous Consumers voting with their $$$ to use devices & services that are biometrically enabled Use Cases Expanding Rapidly

MOBILE CONNECT LEVERAGES FIDO TO EXPAND THE SET OF AUTHENTICATORSBIOMETRICS SNAP INTO FIDO FRAMEWORK –EASY FOR DEVELOPERS, IT OPERATOR

NOK NOK LABS

Federation

Authentication

User Management

Identity Proofing(going from physical to digital identity)

Existing MNO KYC processes

Existing MNO CRM databases

Network-based authenticators (USSD, SIM applet etc.)

User Authentication

Mobile Connectis an

Identity Framework

FIDO providesAuthenticationFramework for Device-Based Authenticators

FIDO is an Authentication Framework

Page 14: A PERSPECTIVE ON BIOMETRICS · Biometrics are pervasive & ubiquitous Consumers voting with their $$$ to use devices & services that are biometrically enabled Use Cases Expanding Rapidly

FIDO UAF protocol

Mobile phoneWith MC App +FIDO SDK AuthN server

MNO

Tablet/desktop

Service access requestService Provider

Authentication request

Identity GW

First mile

Second mileSIM applet protocol (CPAS8)

AuthN server

SIM applet

MOBILE CONNECT HIGH LEVEL ARCHITECTURE WITH FIDOFIDO INTEGRATES AS OPTIONAL AUTHENTICATOR SUBSYSTEM

FIDO AuthN Server or Service

14NOK NOK LABS

Page 15: A PERSPECTIVE ON BIOMETRICS · Biometrics are pervasive & ubiquitous Consumers voting with their $$$ to use devices & services that are biometrically enabled Use Cases Expanding Rapidly

BIOMETRICS & BUSINESS STRATEGY

15NOK NOK LABS

Page 16: A PERSPECTIVE ON BIOMETRICS · Biometrics are pervasive & ubiquitous Consumers voting with their $$$ to use devices & services that are biometrically enabled Use Cases Expanding Rapidly

THE BATTLE FOR CUSTOMER EXPERIENCE & THE CLOUD

Apple on their vision for iTouch (much more than a sensor)• https://www.youtube.com/watch?v=U2MTLNfCZBQ

NTT DOCOMO Demo Videos:• https://www.youtube.com/watch?v=QzM4PpXEqP8[Fall 2015]

PayPal Video • http://youtu.be/L2xAk0aHBsI

How it Works:• https://www.youtube.com/watch?v=YcfGlLrSzQw

16NOK NOK LABS

Biometrics in particular & authentication in general are becoming a strategic weapon for dominance in cloud

services

https://www.youtube.com/watch?v=U2MTLNfCZBQ
https://www.youtube.com/watch?v=QzM4PpXEqP8
http://youtu.be/L2xAk0aHBsI
Page 17: A PERSPECTIVE ON BIOMETRICS · Biometrics are pervasive & ubiquitous Consumers voting with their $$$ to use devices & services that are biometrically enabled Use Cases Expanding Rapidly

BIOMETRICS: LEADERS FORGING AHEAD, SEEING STUNNING BENEFITS

NOK NOK LABS 17

[email protected] Johnson

Page 18: A PERSPECTIVE ON BIOMETRICS · Biometrics are pervasive & ubiquitous Consumers voting with their $$$ to use devices & services that are biometrically enabled Use Cases Expanding Rapidly

BIOMETRIC AUTHENTICATION : A BUSINESS PERSPECTIVEFRICTIONLESS AUTHENTICATION, PERSONALIZED TRANSACTIONS

NOK NOK LABS 18

Leaders are: Delighting customers Increasing ARPU Locking down security Creating seamless customer experiences across their ecosystem for

strategic advantage in cloud services and IoT

Page 19: A PERSPECTIVE ON BIOMETRICS · Biometrics are pervasive & ubiquitous Consumers voting with their $$$ to use devices & services that are biometrically enabled Use Cases Expanding Rapidly

FIN

19NOK NOK LABS


BIOMETRICS - University of Calgary in Albertapages.cpsc.ucalgary.ca/~marina/601/11-Biometrics... · Biometrics - Contents 2 •Fundamentals of Biometrics •Analysis, Modeling and

Information technology — Use of biometrics in video ...ed1.0}en.pdf · Information technology — Use of biometrics in video surveillance . systems — Part 1: System design and

Biometrics Tasanawan Soonklang. 2 Biometrics Biometrics – what is? Applications – who use? Operation – how does it work? Types – what are the different?

Understanding Biometrics€¦ · seeking to enter a country. The rapidly expanding use of biometrics on mobile smartphones and in other devices is greatly increasing the use of biometrics

Biometrics Identity Management Agency Biometrics Report, FY11

A Survey on Biometrics and Cancelable Biometrics Systems

Banking and Biometrics White Paper · 2018-02-24 · BIOMETRICS RESEARCH GROUP, INC. Banking and Biometrics White Paper Biometrics Research Group, Inc. notes that revenue streams

Biometrics and Banks in Finland from a Privacy Perspective · possible use of biometrics in banking application would increase the security in transac-tions or should banks abstain

Beyond Words: Use Biometrics to Measure Emotion in User Research

Biometrics and Its Use in Forensics - pace university

UNDERSTANDING BIOMETRICS’ IG OBLIGATIONS · Multimodal Biometrics Multimodal biometrics refers to a fusion of biomet-rics. These tend to be visual and spatial biometrics, such as

Next Generation Biometrics - Biometrics Research Groupbiometrics.cse.msu.edu/Presentations/Next_generation_biometrics... · Next Generation Biometrics. ... Biometric Recognition Recognition

Deoxyribonucleic acid (DNA) Biometrics CPSC 4600 Biometrics and Cryptography

BIOMETRICS - University of Calgary in Albertamarina/601/11-Biometrics-Lecture-1… · Biometrics - Contents 2 •Fundamentals of Biometrics •Analysis, Modeling and Interpretation

FINAL REPORT - University of Memphisweb0.cs.memphis.edu/~dasgupta/files/Dasgupta... · Dipankar Dasgupta. Biometrics and its use: Viewpoint. Biostatistics and Biometrics--Open Access

Biometrics and soft biometrics for people identification · 2011-03-29 · Biometrics and soft biometrics for people identification Prof. Rita Cucchiara Imagelab‐Dipartimento di

Biometrics Hiroki Morimoto. Overview Definition Definition Advantages/Disadvantages and Ideal Biometrics Advantages/Disadvantages and Ideal Biometrics

LEGAL IMPLICATIONS OF THE USE OF BIOMETRICS AS A TOOL TO FIGHT

Biometrics for Children - Biometrics Institute · Should I consider using biometrics?1. Does the use of biometric technology add value to the program? 2. Is there an established legal

On Forensic Use of Biometrics - GitHub Pages · 1 On Forensic Use of Biometrics Banafshe Arbab-Zavar1, Xingjie Wei2, John D. Bustard1, Mark S. Nixon1 and Chang-Tsun Li2 1University

IBG Biometrics Explained - Business Technology Explained.pdf · Biometrics are much easier to use than one might expect. Here is a brief technology-by-technology summary of how one

82021-COI-Securing the UK Border...2011, by collecting the biometrics of all remaining non-EEA nationals not previously biometrically registered in the UK on arrival; Strengthen the

Biometrics & Smart Cards In Use Today

New Zealand | Future use of Biometrics (Jonathan Clark Howard)

Feasibility Study on the Use of Biometrics in an ......Feasibility Study on the Use of Biometrics in an Entitlement Scheme For UKPS, DVLA and the Home Office ... such as: the degree

Introduction to the Biometrics Institute · Introduction to the Biometrics Institute ... • To encourage appropriate research and development of biometrics ... © Biometrics Institute

Information technology — Use of biometrics in video

ON USE OF BIOMETRICS IN FORENSICS: GAIT AND EAR · PDF fileON USE OF BIOMETRICS IN FORENSICS: GAIT AND EAR Mark S. Nixon, Imed Bouchrika, ... In 1964 Iannarelli described a new method

BIOMETRICS. BIOMETRICS BIOMETRICS Forget passwords... Forget pin numbers... Forget all your security concerns

I can be You: Questioning the use of Keystroke Dynamics as Biometrics

U.S. Coast Guard “Biometrics at Sea” · general use of maritime biometrics by the USCG as it expands its biometrics program. Section 1.0 Characterization of the Information The

Image security and biometrics: A revie · Soft biometrics used to enhance these hard biometrics. I Use of infrared data, 3D data, etc. I Iris recognition (is more obtrusive, pupils

Voice Biometrics for Information Assurance Applications · Voice Biometrics for Information Assurance Applications 3 Navy Biometrics Programs SPAWAR PMW-161 leads the Navy biometrics

1. 2 BIOMETRIC VOTINNG SYSTEM 3 INTRODUCTION What is BIOMETRICS? * Biometrics is the term given to the use of biological traits or behavioral characteristics

SECURITY FOR BIOMETRIC AUTHENTICATION · biometrics. One exception is the use of cancelable biometrics, which can be used in specific applications. Cancelable biometrics were derived