Solution Overview - Smartjac · 2017-03-15 · Fast IDentity Online(FIDO) 1. Samsung SDS Nexsign a...
Transcript of Solution Overview - Smartjac · 2017-03-15 · Fast IDentity Online(FIDO) 1. Samsung SDS Nexsign a...
Solution Overview
Copyright ⓒ 2017 Samsung SDS Co., Ltd. All rights reserved.
1/31 Copyright ⓒ 2017 Samsung SDS Co., Ltd. All rights reserved.
Fast IDentity Online(FIDO) 1. Samsung SDS Nexsign
■□□□□□
a PKI-based authentication solution using biometrics and secure storage to enable easy and secure user authentication on smart devices.
Fast IDentity Online(FIDO) Birth of a new authentication service
Password + Digital Certificate
Password + OTP
Password
Password + Digital Certificate + OTP
VS
Security first
Convenience first
Give up purchase/ Authentication failure ratio
Fraud loss 1-Click check
Secure Insecure
Security
Convenience Inconvenient Convenient
01234 5678 9100 0011
Banks Credit Card
Samsung 07/17
Samsung SDS Nexsign
2/31 Copyright ⓒ 2017 Samsung SDS Co., Ltd. All rights reserved.
Fast IDentity Online(FIDO) 1. Samsung SDS Nexsign
■□□□□□
Password +인증서 +OTP
Password + 인증서
새로운 인증 서비스 탄생
[FIDO] 인증솔루션 스마트 단말의 생체인식(Biometrics) 기능을 온라인 인증에 적용해 간편하고 안전한 사용자 인증을 실현합니다.
[FIDO] 인증솔루션은, Biometrics recognition is easy to use and provides strong security
Innovative method for user authentication based on unique unchangeable biological traits
Greater Convenience
Tighter Security
Face Recognition
Iris Recognition
Voice Recognition
Fingerprint Recognition
3/31 Copyright ⓒ 2017 Samsung SDS Co., Ltd. All rights reserved.
Samsung SDS Nexsign 2. Key Features
□■□□□□
1 Compatible, secure and safe solution certified by international standards and CC(Common Criteria)
2 Provide the best security environment based on biometrics, PKI and TEE
3 Simple and universal user authentication using multiple biometrics and authentication factors
4 Customized user authentication experience based on UMA using standard API
Key Features
FIDO develop base on strengths and customer’s requirement , Providing easy and secure user authentication, Personalized experience.
Samsung SDS Nexsign Solution
2 TEE: Trusted Execution Environment, an isolated environment that runs in parallel with the mobile OS, providing security for the rich environment. 1 PKI: Public Key Infrastructure, Complex authentication system using public key encryption methods
3 UAF: Universal Authentication Framework, which is an international standard authentication process approved by FIDO 1.0. 4 ASM: Authenticator Specific Module: software interface, which gives a standard way for the authentication device and authentication information
Nexsign Client
Nexsign ASM4
Nexsign Authenticator
UMA SDK / App UMA Platform
Nexsign Server
Nexsign Admin Portal
4/31 Copyright ⓒ 2017 Samsung SDS Co., Ltd. All rights reserved.
4. Reference □□□■□□
Samsung Pay KPay Samsung’s Intranet
K-Pay App.
Samsung Pay services launched in partnership with Korea’s top public key authentication service provider (Korea Information Certificate Authority) (Beta testing in July 2015, official launch in August 2015)
Partnership with Korea’s top payment gateway provider (KG Group) (March 2015)
Nexsign-based payment Service launched Kpay Application (Offcial launch in October 2015)
Nexsign authentication service applied to the Samsung Group’s Square Portal for unlocking screens or payment transactions (July 2015)
※ PG service provider : a third party processing credit card or mobile payment transactions between a shopper and a merchant
Cross-industry References Samsung SDS is the first company in Korea to commercially launch a Nexsign-based payment service, which is being applied to the Samsung Group’s intranet system since July 2015.
Use Case Appendix
3
Company systems
Online Shopping Mall
Securities Mobile Trading System
Mobile Banking
Call Center
Appendix 15 / 16 Copyright ⓒ 2017 Samsung SDS Co., Ltd. All rights reserved.
Secure and interoperable FIDO certified authentication solution 1 Highest, multi-factored security level 2
Multifactor Authentication 3 Customized user authentication using standard API 4
Key Features
FIDO Certification Client (Andorid)
FIDO Certification Server
FIDO Certification Client (iOS) CC (Common Criteria) Samsung SDS
FIDO
High
Lo
w
Single-factor Authentication
Multi-factor Authentication
ID/PW
PKI+Biometrics
Security Token
Biometrics ID/PW+Biometrics
ID/PW+Security Token
Security Level
Authentication Method
Generality
Next Certified Fingerprint Traditional Authentication
Fingerprint Face Voice Iris ID/PW PIN
Succeed Succeed
Certified Fingerprint Traditional Authentication
Succeed Fail
FIDO Authentication Factors
Authentication Factors
Secure Storage TEE WBC SE SE
…
…
Finger- print Face Voice Iris PIN
***
Appendix
Copyright ⓒ 2016 Samsung SDS Co., Ltd. All rights reserved. Appendix 12 / 12
※ iris recognition will be introduced later (planned)
OR AND
Service Provider App
App
FIDO Interface
Nexsign Client
Nexsign ASM
Nexsign Authenticator
Standard API
www.samsungsds.com Copyright ⓒ 2017 Samsung SDS Co., Ltd. All rights reserved.