More than just being signed-in or signed-out
Parul Jain, Architect, Intuit
@ParulJainTweety
Why do we care?
TRUST & SECURITY
EASE OF ACCESS
Can’t eliminate friction? Delay it
Authentication Levels to balance security and usability
Delightful product experience
Authentication
Username
Password
Sign In
Signed In
Not Signed In
Authentication – Signed In or Not – Example 1
Sell an item
Place Ad
Username
Password
Signed In
Not Signed In
Sign In
Browse OLX for used products
Authentication – Signed In or Not – Example 2
Browse apps on App Store
Install App
New App on Device
Username
Password
Signed In
Not Signed In
Install App
Sign In
Why Authenticate?
Authentication is required to establish trust
Is trust binary - Trust you fully or Not at all
Degrees of trust - Factor of time and situation
Trust you for this but not for that
Didn’t trust you earlier but trust you now
Authentication Levels
Authentication is not binary
Authentication Assurance Levels (AAL)
Adaptive - Change with time and situation
Authentication Assurance Levels (AAL)
Less Trust
Submit
Enter OTP
Authentication Level 1
Authentication Level 2 More Trust
AAL – Example1
Authentication Level 1
Authentication Level 2
My bank account
Transfer Money
Payment
Authentication Level 0
Username
Password
Sign In
My bank portal
Sign In
AAL – Example2
Authentication Level 1
Authentication Level 2
Transfer Money
New Payment Instrument
Authentication Level 0
Username
Password
Sign In
Mint application
Sign In
Enter OTP
Submit
Access my personal finances
AAL – Example3
Authentication Level 1
Authentication Level 2
Browse products on Amazon
Track Order
Or
Checkout
View/Place Order
Username
Password
Sign In
MFA and AAL Relationship
AAL is the outcome.
MFA is the mechanism
MFA provides layered defense
Binary Authentication
Multiple Authentication Assurance Levels
LIC: Binary without MFA
Google: Binary with MFA
Amazon: Multiple Levels with MFA
Intuit: Multiple Levels with MFA
How to determine the AALs?
REQUIRE - Based on sensitivity of the APIs
ADAPT - Based on trust in the user with time
ASSIGN - Based on factors of authentication
ASSIGN an AAL
Based on factors of authentication
• What I know: password
• What I have: OTP
• What I am: fingerprint
• Other: Federated
ADAPT to an AAL
Based on trust in user with time
Change in
• Device
• Geolocation
• IP address
• Velocity of use
• Behavioral Biometrics
• Anomalous behavior
REQUIRE an AAL
Based on sensitivity of the APIs
• Secret: OAuth Client Secret
• Highly Sensitive: Money movement, Financial data
• Sensitive: Personal information
• Other: Public information
AAL Determination
Rows: trust in user authentication, Low (top) to High (bottom). Columns: sensitivity of the APIs, Low (left) to High (right).
Good | Step-up | Step-up
Good | Good | Step-up
Good | Good | Good
Component Interaction
Identity Services
APIs
Client
1. Sign in
2. Session with an AAL
3. Access Resource
4. Verify
5. Step-up URL
6. Redirect for Step-up
7. Step-up
8. Higher AAL
Determine AAL
Remember the state
Check expected AAL
Client
Widget
Configuration
APIs
Create the verify request
Verify with expected AAL
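The ASSIGN / REQUIRE / ADAPT slides and the eight-step component interaction above, as an added example that is not from the original deck and is not Intuit's implementation. The numeric levels 0 to 2, the routes, the step-up path and the rule of losing one level per changed signal are all assumptions made for illustration.

```python
# Added example: levels, routes and signal rules are assumptions for illustration.
from dataclasses import dataclass, field
from urllib.parse import urlencode

# ASSIGN: factor -> factor type. AAL = number of distinct types, capped at 2.
FACTOR_TYPE = {"password": "know", "otp": "have", "fingerprint": "am"}

# REQUIRE: AAL each API expects, by sensitivity (hypothetical routes).
REQUIRED_AAL = {
    "GET /products": 0,   # public information
    "GET /profile": 1,    # personal information
    "POST /transfer": 2,  # money movement
}
STEP_UP_PATH = "/identity/step-up"  # hypothetical identity-service endpoint


@dataclass
class Session:
    user: str
    factors: set = field(default_factory=set)
    device: str = ""
    country: str = ""


def assigned_aal(session):
    """ASSIGN: level earned from the factors verified so far."""
    return min(len({FACTOR_TYPE[f] for f in session.factors}), 2)


def adapted_aal(session, ctx):
    """ADAPT: lose one level for each signal that changed since sign-in."""
    changed = sum(ctx.get(k) != getattr(session, k) for k in ("device", "country"))
    return max(assigned_aal(session) - changed, 0)


def verify(session, api, ctx):
    """Steps 3-5: the API checks the session against its expected AAL."""
    required = REQUIRED_AAL.get(api)
    if required is None:  # unclassified API: fail closed
        return {"decision": "deny", "reason": "no AAL configured"}
    current = adapted_aal(session, ctx)
    if current >= required:
        return {"decision": "allow", "aal": current}
    query = urlencode({"expected_aal": required, "return_to": api})
    return {"decision": "step-up", "aal": current,
            "step_up_url": f"{STEP_UP_PATH}?{query}"}


def step_up(session, factor, ctx):
    """Steps 7-8: record a factor the identity service has already verified
    (verification itself is out of scope) and re-baseline the signals."""
    if factor not in FACTOR_TYPE:
        raise ValueError(f"unsupported factor: {factor}")
    session.factors.add(factor)
    session.device, session.country = ctx["device"], ctx["country"]
    return assigned_aal(session)


def demo():
    """Constructed walk-through: password sign-in, OTP step-up, device change."""
    ctx = {"device": "laptop-1", "country": "IN"}
    s = Session("alice", {"password"}, **ctx)
    out = [verify(s, "GET /profile", ctx)["decision"],
           verify(s, "POST /transfer", ctx)["decision"]]
    step_up(s, "otp", ctx)
    out.append(verify(s, "POST /transfer", ctx)["decision"])
    out.append(verify(s, "POST /transfer", {**ctx, "device": "phone-9"})["decision"])
    return out


if __name__ == "__main__":
    print(demo())
```

With these assumed levels, comparing the adapted AAL against the required AAL reproduces the Good / Step-up grid on the AAL Determination slide.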
Identity Services
Authn Service
Risk Engine
Sign-in
Verify
Device, IP, geo, time, …
Get Risk Score
Feedback
ML Model
Real time Risk Score
UNIVERSAL STRONG AUTHENTICATION – FIDO AS A STANDARD
Fast Identity Online (FIDO)
FIDO Protocols
Public Key cryptography
UAF – Universal Authentication Framework
• Passwordless UX
• Local device with UAF stack installed
• User presents a local authentication
U2F – Universal Second Factor
• Standalone U2F device - USB/NFC/Bluetooth
• Physical keychain with multiple keys – one for each origin
• Built-in support in web browsers
UAF
Src: https://fidoalliance.org/specifications/overview/
UAF - Registration
User Device
FIDO Client: Win, Mac, iOS, Android, …
FIDO Authenticators
User Agent: Browser, App, …
Identity Provider
Web App
FIDO Server
1. Legacy Auth + Initiate Registration
2. Registration request + Policy
3. Enroll user + New Key Pair
4. Registration response + Attestation + User’s public key
5. Validate Response + Attestation, Store user’s Public Key
UAF - Authentication
User Device
FIDO Client: Win, Mac, iOS, Android, …
FIDO Authenticators
User Agent: Browser, App, …
Identity Provider
Web App
FIDO Server
1. Initiate Authn
2. Authn request + Challenge + Policy
3. Verify User and unlock private key
4. Authn response signed by user’s private key
5. Validate Response using user’s Public Key
U2F
Src: https://fidoalliance.org/specifications/overview/
Summary
As developers we have thought of authentication as a binary switch
We need to start thinking about the degree and levels of trust
Incorporate AAL into the design thinking
AAL will help us in balancing security vs usability
Deliver delightful experience to customers
Thank you

Binary State of Authentication by Parul Jain

Editor's Notes

  1. I am Parul, Arch for Ident and Secu at Intuit. We have thought of authentication as a binary – signed in or signed out, Come out of that mindset and treat authentication as a step ladder, as multiple levels. Why do we care?
  2. Don’t care about deep trust in certain experiences but care for stronger trust in certain other scenarios. We as a developer have dealt with authentication as a binary, think of it as a step ladder, it will enable us to create delightful user experience.
  3. Speak about an example from real life here
  4. Speak about an example from real life here
  5. Authentication levels is not one to one to authentication factors Binary – SF (Example) Binary – MF AAL – SF AAL - MF
  6. Add AAL0. Go from AAL 0 to AAL1 using password OTP for next level
  7. Add AAL0. Go from AAL 0 to AAL1 using password OTP for next level
  8. Move captcha to another slide
  9. Split it into three
  10. Split it into three
  11. Split it into three
  12. Split it into three
  13. Split it into three
  14. AAL at Intuit reusable components at Identity. onSuccess APIs – ticket validation with AAL Helps you balance Bot vs human
  15. AAL at Intuit reusable components at Identity. onSuccess APIs – ticket validation with AAL Helps you balance Bot vs human
  16. AAL at Intuit reusable components at Identity. onSuccess APIs – ticket validation with AAL Helps you balance Bot vs human
  17. AAL at Intuit reusable components at Identity. onSuccess APIs – ticket validation with AAL Helps you balance Bot vs human