Apple is among the last tech bigwigs to join FIDO, whose members now include Amazon, Facebook, Google, Intel, Microsoft, RSA, Samsung, Qualcomm and VMware. The group also boasts more than a dozen financial service firms such as American Express, ING, Mastercard, PayPal, Visa and Wells Fargo.
“Apple is not usually up front in joining new organizations and often waits to see if they gain enough traction before joining in. This is fairly atypical for them,” said Jack Gold, president and principal analyst at J. Gold Associates. “Apple is often trying to present [its] own proposed industry standards for wide adoption, but is generally not an early adopter of true multi-vendor industry standards.
“FIDO now has enough momentum that I assume Apple is feeling the pressure to join in,” he said. “Especially in a cloud-based world, FIDO is a key initiative to authentication that companies really can’t ignore.”
Formed in 2012, FIDO’s purpose is to push two-factor authentication for services and apps because passcodes are innately insecure. Research backs the group’s claim, as 81% of all security breaches from hackers can be traced to stolen or poor passwords, according to Verizon’s Data Breach Investigations Report.
“If you are relying on username/email address and password, you are rolling the dice as far as password re-usage from other breaches or malware on your customers’ devices are concerned,” Verizon said in its report.
Along with W3C, FIDO wrote and is using the emerging Web Authentication API (better known as WebAuthn). The WebAuthn specification is already supported – to different degrees – by major browsers such as Google’s Chrome, Mozilla’s Firefox and Microsoft’s Edge. Those browsers also support cloud credential creation using a U2F Token, which can use Bluetooth, NFC or USB to provide two-factor authentication to online services and apps.
In 2018, Apple announced it was adding “experimental” support for the WebAuthn protocol on Safari. In December, Apple added native support for FIDO-compliant security keys, such as those from Yubico and Feitian, which use the WebAuthn standard over near-field communication (NFC), USB, or Lightning in iOS 13.3.
“FIDO is like Bluetooth for authentication – meaning that we have a number of devices with features and functions that can be used to provide authentication,” said Mahdi.
For example, Mahdi said, mobile devices or laptops may use fingerprint readers or facial recognition technology to enable log-in. Either technology could be leveraged for authentication, but without a common language, it was difficult to do and required proprietary drivers and software.
“As such, it was much more complex to reliably enable strong authentication,” Mahdi said. “FIDO, like Bluetooth, allows application developers and security leaders that want to enable strong authentication (say, in a mobile app or a website) to cover a wide range of authentication methods that are available in devices with minimal code [and without having to worry about many proprietary drivers].”
Overall, FIDO’s specification means digital services from banks, ecommerce sites and others can recognize users through their devices, rather than with usernames and passwords. For example, users could register for an online service, create a username, register their devices, and select a preferred authentication method (i.e. finger, or face, and/or PIN). No password would be needed, Mahdi said.
How FIDO’s spec works
FIDO’s specification works by enabling anyone using it to gain access to an app or online service with a private and public key pair.
When a user registers with an online service, such as PayPal, the authenticator device (a server) creates a unique private/public key pair. The private key is stored on the user’s device, while the public key becomes associated with that device through the online service or app.
Authentication is performed by the client server sending an electronic challenge to the user’s device. The client’s private keys can be used only after they are unlocked locally on the device by the user. The local unlock is accomplished by a secure action such as a biometric reader (i.e., a fingerprint scan or facial recognition), entering a PIN, speaking into a microphone, or inserting a second–factor device.
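The registration and challenge-response flow described above, as an added sketch in Node.js (not code from the article, the FIDO Alliance or any vendor). It assumes the key pair is generated on the user's authenticator and that the signed message is simply origin plus challenge, which is far simpler than real WebAuthn; the class names, `https://service.example` and `alice` are hypothetical.

```javascript
// Added illustration, not FIDO or vendor code; all names are hypothetical.
const crypto = require('node:crypto');

// Authenticator on the user's device: one private key per service origin.
class Authenticator {
  constructor() { this.keys = new Map(); }
  register(origin) {
    const { publicKey, privateKey } = crypto.generateKeyPairSync('ec', { namedCurve: 'prime256v1' });
    this.keys.set(origin, privateKey); // the private key stays on the device
    return publicKey.export({ type: 'spki', format: 'pem' });
  }
  sign(origin, challenge, userUnlocked) {
    // Local unlock (biometric, PIN, key touch) gates use of the private key.
    if (!userUnlocked) throw new Error('authenticator locked');
    const key = this.keys.get(origin);
    if (!key) throw new Error('no credential for ' + origin);
    // Covering the origin in the signature ties the response to one service.
    return crypto.sign('sha256', Buffer.concat([Buffer.from(origin), challenge]), key);
  }
}

// Online service: stores only public keys and outstanding challenges.
class RelyingParty {
  constructor(origin) { this.origin = origin; this.users = new Map(); this.pending = new Map(); }
  enroll(user, publicKeyPem) { this.users.set(user, publicKeyPem); }
  newChallenge(user) {
    const challenge = crypto.randomBytes(32);
    this.pending.set(user, challenge);
    return challenge;
  }
  verify(user, signature) {
    const challenge = this.pending.get(user);
    this.pending.delete(user); // single use: a replayed response fails
    const pem = this.users.get(user);
    if (!challenge || !pem) return false;
    const data = Buffer.concat([Buffer.from(this.origin), challenge]);
    return crypto.verify('sha256', data, pem, signature);
  }
}

// Constructed walk-through: enroll, log in once, then replay the same response.
function demo() {
  const rp = new RelyingParty('https://service.example');
  const device = new Authenticator();
  rp.enroll('alice', device.register(rp.origin));
  const sig = device.sign(rp.origin, rp.newChallenge('alice'), true);
  const first = rp.verify('alice', sig);
  rp.newChallenge('alice'); // a fresh challenge invalidates the captured response
  return { first, replay: rp.verify('alice', sig) };
}
```

The service never holds a secret that can be replayed: a breach of its user table exposes only public keys, and a captured response is useless against the next challenge.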
U2F is an open-authentication standard that enables internet users to securely access with one security key instantly and with no drivers or client software needed, according to FIDO member and authentication vendor Yubico. FIDO2 is the latest generation of the U2F protocol.
Last April, Google joined the Alliance as part of its creation of new online identity management tools. Google added two-factor authentication through FIDO’s specification for Android 7 and above devices.
Jamf, a provider of multi-factor enterprise authentication management software for the Mac platform, joined FIDO last month.
“As we were supporting a lot of these multi-factor devices and different identity providers, it got to be complicated pretty quickly,” said Joel Rennich, director of Jamf Connect, an Apple Mac authentication and identity management product. “And we still had the problem that we needed to go back to having a password. On the Mac, there’s no built-in way of supporting your user credentials without typing in a password. However, Apple does have a pretty robust smart card installation.”
Rennich said Jamf is embracing the FIDO authentication protocol because it’s “incredibly” secure and allows a lot of flexibility because of wide-ranging industry support. In particular, because of FIDO’s use of highly secure elliptic-curve cryptography – the same used by Apple Secure Enclave – Jamf can now leverage the technology to create enterprise-class access to the iPhone, for example.
“So, we can use that hardware already in the device to work with the FIDO protocols with minimal amount of effort. …That made the development really quick,” Rennich said.
While it’s not yet shipping, Jamf also created a virtual smart card that allows users to sign into Mac devices from the cloud using elliptic-curve cryptography pairing keys in the same way FIDO’s specification does.
“We’re not here to speak for Apple…, but certainly you can see they’re doing a lot more work in this environment. I do think it’s a solid base. It’s a great standard,” Rennich said. “We do hope Apple does more with it. But in the meantime, we expect to be able to bring log-in at the log-in window with a FIDO authenticator to the Mac.”
The NHL has a new franchise called the Seattle Kraken. They don’t start playing till next season and there are no players drafted or signed yet.
Their team will be built or selected via The Expansion Draft, which, going by prior expansion drafts, will wind up filling the majority of roster positions. Then comes the NHL Entry Draft, which is more for young prospects. And finally free agency, where they can sign various players.
Not sure how many free agents get signed by expansion teams. Would a Taylor Hall have signed with the Seattle Kraken and not the Buffalo Sabres this year? Who knows. And too bad they missed out on all the goaltenders changing teams.
Analytics and data science are here to stay in the NHL
NHL teams are at the edge of artificial intelligence and can utilize a number of technological and analytical tools to narrow the search for prospects and the right player fit or to break a tie between a few players whose potential may appear even at first glance.
There is the traditional video and scouting reports, but now advanced analytics and data science departments on some NHL teams are changing the way they find and sign and build teams. Ron Francis and the Seattle Kraken are at the forefront of building an analytics driven organization.
So over the next year the Seattle Kraken will be analyzing data and building models to help them build a team.
Machine learning models are known to amplify the biases present in the data. These data biases frequently do not become apparent until after the models are long deployed. And sometimes not at all until something goes viral on social media and a company or model gets heat.
To tackle this issue and to enable the preemptive analysis of large-scale datasets, REVISE (REvealing VIsual biaSEs) is a tool that assists in the investigation of a visual dataset, surfacing potential biases currently along three dimensions:
1 – Object-based:
Object-based biases relate to size, context, or diversity of object representation
2 – Gender-based:
Gender-based metrics aim to reveal the stereotypical portrayal of people of different genders
3 – Geography-based:
Geography-based analyses consider the representation of different geographic locations
REVISE is an open-source tool that automatically detects possible forms of bias in a visual dataset along the axes of object-based, gender-based, and geography-based patterns, and from which next steps for mitigation are suggested.
Once you know how to analyze everything, your information can be gold. The value and importance of leveraging machine learning to create a true competitive advantage is known to most successful startups & businesses. Artificial intelligence provides actionable insights, which lead to a stronger business strategy and plan of action. It is essential to have usable data and actionable predictive analytics to make the most of your analytics and data science pipelines, and for a business person to understand the typical product life-cycle flow.
Artificial Intelligence Drives Innovation
Retail Case Study
For several years, inventory and sales information has been obtained by a network of integrated but silo department store systems. Mergers, Acquisitions, various consultancies and data warehouses turned this business intelligence and ‘big data’ platform into a data swamp, not a data lake. Nobody wanted to use it because it was like a scary swamp monster.
This system acted as the analytic and AI center of excellence used to train a machine learning model by the Pagarba Solutions data science team. The team helped the founders, directors and C-Level executives identify strategic actionable priorities and act on them in a timely manner. The current system was the method used to create a demand forecasting model to make future predictable trends and forecasts.
By analyzing data from the past five years of retail sales, an adaptive selective model approximated demand for the coming month. Vector auto-regression models coupled with external data sources are often used in machine learning. That made it possible at any time to forecast demand for any particular product. The company was able to maximize inventory and warehouse management by using this solution to provide alternatives available.
BioTech Smart Medicine Inventory Management Hardware Case Study
The Pagarba Solutions client was advised to use a multi-modal biometric authentication and object recognition system that required a user to pass both facial and voice recognition to gain appropriate authorized access.
Pagarba Solutions Artificial Intelligence experts suggested introducing enhanced security features to the system, such as image and object recognition technology like optical character recognition (OCR). This was for driver’s license or passport ID authentication. Another strategy and plan was to reduce outliers and overfitting by using deep learning algorithms to prevent fake or biased facial recognition. And finally, using Natural Language Processing (NLP) technology for security-based, written, quiz-like challenges. These changes also culminated in the development of an event-as-a-Service (EVaaS) platform.
Artificial Intelligence Process Flow & Pipeline
Executives, Directors, & Business owners want to know how to use AI and emerging technology to achieve actionable and realistic business goals. What’s the Return on Investment? They are less interested in the details of how the technology works.
Steps of an Artificial Intelligence Strategy & Development project
1> User Experience (UX) is Key
How will your customers and end users use this Artificial Intelligence (AI) product? Think of the “old school” recommendation engines we see on Amazon, Walmart, any ecommerce site or even YouTube, Netflix or Hulu. A recommendation engine is really a subclass of information filtering systems that predict the “rating” or “preference” an end user would give to an item.
Recommendation systems work best with unbiased explicit user feedback like Amazon and shopping cart purchases or watching a video on YouTube or Netflix or listening to a song on Pandora or Spotify or Apple Music. But in many use cases the application and platform offers mostly implicit feedback scenarios. Think click-through rates, page views, Google search queries, likes or dislikes, up or down voting and so on. This data is heavily biased and we’ve seen people cheat these systems or bully younger users. Click-through rate is heavily dependent on the position of content on a page. Poor UX/UI and web design is like putting milk at the front of a grocery store. Not ideal if you think with a data-heavy analytics scope. Implicit feedback also tends to perform worse. Google search results are heavily sponsored and ad based on page one now, so a lot of the content may show sponsored results and/or clickbait headlines. And then the site is all spam. This results in high bounce rates after initially high click-through rates. This may not matter to a spam site, but a legit business might not be getting the results they desired.
The user experience (UX) can be broken down into three parts:
- Initial Impression
  - What is the user trying to achieve?
  - How does the user arrive at this experience?
  - Where do they go?
  - What should they expect?
- Interacting Stage
  - What should they see?
  - Is it clear what to do next?
  - How are they guided through errors and processes?
- Feedback Loop
  - Did the end user achieve their goal?
  - Is there a clear “end” to the experience? Call to Action?
  - What are the follow-up steps (if any)?
Knowing what an end user should see at the start, during the interacting stage and in the feedback afterwards ensures that the data science and AI team picks the right features and variables for the models, and that the models are trained and continuously updated on accurate data from the start. It also helps the engineering and DevOps teams automate the MLOps process flow and design automated feedback loops for analytics that offer the best solution for end users.