FIDO Solution

FIDO UAF 1.0 Certified

Authenticator

Client

Server

If you want to transfer of FIDO UAF 1.0 technology , please contact  info@crucialsoft.co.kr

FIDO solution is for the user authentication based on the FIDO UAF 1.0 protocol.

Goals

  • Support strong, multi-factor authentication

  • Simplify integration of new authentication capabilities

  • Leverage existing open standards where possible, openly innovate and extend where not

  • Complement existing single sign-on, federation initiatives

  • Preserve the privacy of the end user

  • Unify end-user experience

In order to address today's strong authentication issues a comprehensive, open, multivendor solution architecture is needed to encompass as following below:

  • User devices

  • Authenticators

  • Relying party applications and their deployment environments

  • Meeting the needs of both end users and Relying Parties

Feature of Solution Architecture

  • FIDO UAF authenticator discovery, attestation, and provisioning

  • Cross-platform strong authentication protocols leveraging FIDO UAF authenticators

  • A uniform cross-platform authenticator API

  • Simple mechanisms for Relying Party integration

FIDO Protocol transfers three messages between the user device and the server

  • Registration message

    Performs the functions of enrollment to verify after querying the authentication token in the user device.

  • Authentication message

    The authentication messages to authenticate the user by performing protocol a Challenge and Response form consisting.

  • Confirmation message about secure transaction

    It performs the functions that server confirms the transaction details about certain transactions into the digital signature to the client.

   

CSId

User identification solution for various authentication of biometrics.

Usage Scope

  • Log-in

  • Replacement Password

  • Bio-Authentication

  • 2-Factor Authentication

    (Banking, creditcard, insurance, portal, shopping, games, etc.)

Service Reference

  • Off line : BarTong service with Danal (2013’ Oct)

  • On line : mISP service with VP (2013’ Dec)

  • On/Off line : bioMe service with Danal (2015’ 1Q)

  • Application of electronic signature certificate for bio (2015’ 1Q)

    : CROSSCERT (Korea Electronic Certification Authority)

 
  • CSId Key Value

Security

Prior arts of RSA2048 bit identical to public key certificate + multiple pairs of one time password

Transparency

Only manages the information assigned by the relevant service

+ blocks any access to private information.

Saves transaction to relaying server.

Provide non-repudiation.

Safety

Applicable to any biometric information

  - fingerprint, iris, vein, face, etc

Converted to unique code

  - uuid

Eliminates risk of biometric data leakage

 

Scalability

Applicable to any service which requires user authentication such as log-in or mobile payment

  • CSId Structure
 
 

Mobile Payment

Offline Payment Service

  • A barcode payment system linked to Korean mobile user’s account

  • Scan barcode with POS scanner

  • Replacing password with fingerprint authentication

    (Launched in 2013’ October)

  • Payment system at off-line stores such as convenience store, family restaurant and etc

  • Annual transactions : 0.7 million Unit

  • 30 big franchises and 13,000 affiliated stores

 

Credit Card Payment

Online Payment Service

  • Strengthen security by 2-Factor Authentication

    (Password + Fingerprint authentication)

    (Launched in 2013’ December)

  • ISP members (BC card, KB card) 15 million people registered

  • Mobile ISP app downloads 8 million

  • Annual transactions : 2.4 million unit (Credit card 34%)

 

BioPay

On/Offline Payment Service

Example of Online Shopping

  • Click the payment button in PC
  • Automatically run application in mobile
  • Complete payment after fingerprint authentication
  • Partners

     

    Fingerprint Dongle & Mouse

    Authentication and Security solutions for Fingerprint Dongle & Mouse

    Services Overview

    • Security solution through fingerprint authentication

    • Fingerprint authentication can be used in any device (PC, Mobile, Tablet)

    • Applying Service : Document security solutions, Integrated Certification Services etc.

    Providing solutions

    • Development of FIDO interlocking solutions and Applications

    • Development of Fingerprint Dongle & Mouse HW

    • Expected to launch services in collaboration with financial institutions and security solutions provider