1
00:00:08,600 --> 00:00:22,200
Identity and access management. 
Welcome to the identity of the 

2
00:00:22,200 --> 00:00:24,400
center podcast I'm Jeff and 
that's Jim. 

3
00:00:24,400 --> 00:00:26,600
Hey Jim hey Jeff. 
How's it going? 

4
00:00:27,000 --> 00:00:28,100
I'm pretty good. 
How about yourself? 

5
00:00:28,700 --> 00:00:32,299
Good. 
It sounds like you've got a new 

6
00:00:32,299 --> 00:00:47,700
microphone 
that really improves your data. 

7
00:00:48,300 --> 00:00:51,600
It's simple I think you should 
plug it, let everybody know 

8
00:00:51,600 --> 00:00:54,400
about it. 
So Chris today I basically 

9
00:00:55,000 --> 00:00:58,200
filters out your background 
noise or not a commercial. 

10
00:00:58,200 --> 00:00:59,800
I think it's, you know, it's 
freeware. 

11
00:01:00,000 --> 00:01:05,500
Or it's free to start with 
anyway, not free, but you get 2 

12
00:01:05,500 --> 00:01:08,000
hours a week. 
I think is what their, what they

13
00:01:08,000 --> 00:01:10,700
start off with. 
But yeah, we don't, we don't 

14
00:01:10,700 --> 00:01:12,700
currently have sponsors or 
commercials or anything like 

15
00:01:12,700 --> 00:01:14,300
that. 
But yeah, like you said it's 

16
00:01:14,400 --> 00:01:16,000
it's a pretty cool little 
program. 

17
00:01:16,000 --> 00:01:19,700
Just runs a little app on 
Windows or Mac and seems to be 

18
00:01:19,900 --> 00:01:23,200
do a pretty good job of reducing
background noise and things like

19
00:01:23,200 --> 00:01:24,800
that. 
You never want to be that person

20
00:01:24,800 --> 00:01:27,900
right on the on the zoom call, 
or teams or whatever it may be 

21
00:01:27,900 --> 00:01:29,800
where you can kind of hear 
everything, right? 

22
00:01:29,900 --> 00:01:31,800
In the background. 
So I thought was pretty cool. 

23
00:01:31,800 --> 00:01:33,400
So, glad you're getting some 
juices out of. 

24
00:01:33,700 --> 00:01:37,300
I've been that guy on our on our
podcast for a long time. 

25
00:01:37,300 --> 00:01:40,700
Where, you know, we set up rules
around me which is keep your 

26
00:01:40,700 --> 00:01:44,500
earpod case far away. 
So you can't click it and you 

27
00:01:44,500 --> 00:01:46,400
know, don't squeak in your 
chair. 

28
00:01:46,400 --> 00:01:50,200
And so now I've got a good 
microphone, I've got the noise 

29
00:01:50,200 --> 00:01:53,600
reduction software, I think I'm 
ready to go. 

30
00:01:54,300 --> 00:01:56,500
There's so many layers of noise 
reduction, not even Sheriff. 

31
00:01:56,500 --> 00:01:58,300
Pruitt, we're not even sure. 
Sometimes of like our voices 

32
00:01:58,300 --> 00:01:59,800
will come out. 
All right. 

33
00:01:59,900 --> 00:02:03,700
Exactly. 
So for today's topic we're going

34
00:02:03,708 --> 00:02:07,200
to talk about Fido and for those
who aren't familiar, that's fast

35
00:02:07,200 --> 00:02:10,199
identity online, and there's no 
better person to talk about 

36
00:02:10,199 --> 00:02:12,400
that. 
Then and Russia are who is the 

37
00:02:12,400 --> 00:02:15,500
executive director and chief 
marketing officer of the Fido 

38
00:02:15,500 --> 00:02:17,100
Alliance. 
And we've got them today. 

39
00:02:17,100 --> 00:02:18,500
We're very fortunate with for 
that. 

40
00:02:18,500 --> 00:02:20,600
And thank you for joining. 
Welcome to the show. 

41
00:02:20,600 --> 00:02:22,500
Andrew, and thank you. 
Thanks for having me guys. 

42
00:02:22,500 --> 00:02:24,500
Really appreciate it. 
Great. 

43
00:02:24,500 --> 00:02:30,300
So, I know that Fido has really 
started to really kind of Of get

44
00:02:30,300 --> 00:02:33,700
a foothold out there but before 
we get to that one of the things

45
00:02:33,700 --> 00:02:36,700
that we like to start to talk 
about is when we have a guest on

46
00:02:36,700 --> 00:02:40,800
is their background in it and 
identity and access management. 

47
00:02:41,000 --> 00:02:43,800
Can you tell us a bit about how 
you got into I am? 

48
00:02:44,800 --> 00:02:48,000
Yeah sure so I'm not a 
practitioner per se but I know 

49
00:02:48,000 --> 00:02:53,100
it was done a variety of kind of
marketing and strategic 

50
00:02:53,600 --> 00:02:56,800
development type roles in 
emerging technology. 

51
00:02:57,600 --> 00:03:01,100
And so I got into identity, I 
think before identity was All 

52
00:03:01,100 --> 00:03:05,300
back in 2001. 
I went back to Sun Microsystems 

53
00:03:05,300 --> 00:03:08,200
were previously, worked to help 
them launch, something called 

54
00:03:08,200 --> 00:03:11,800
Liberty Alliance, and I'm sure 
many of your listeners are 

55
00:03:11,800 --> 00:03:14,300
familiar with Liberty. 
This was the kind of first 

56
00:03:14,300 --> 00:03:19,300
standards effort to standardize 
what became to be known as 

57
00:03:19,300 --> 00:03:22,400
Federated identity. 
So, a lot of the Liberty specs 

58
00:03:22,400 --> 00:03:26,900
during into stable to specs and 
it was really interesting time 

59
00:03:26,900 --> 00:03:31,500
to be in identity because 
frankly, it wasn't in the 

60
00:03:31,508 --> 00:03:34,200
mainstream whatsoever. 
I'm a lot of my job at that 

61
00:03:34,200 --> 00:03:37,500
point was to help me recruit the
initial companies and Liberty 

62
00:03:37,500 --> 00:03:40,300
Alliance. 
And so I defy, you know, around 

63
00:03:40,300 --> 00:03:45,500
the world and talk to cxos and 
you my first part of the 

64
00:03:45,500 --> 00:03:47,700
conversation would be, you know,
what is identity, what does that

65
00:03:47,700 --> 00:03:49,600
end? 
I mean, to your business, which 

66
00:03:49,600 --> 00:03:52,900
side any means your employees, 
your customers, and is always 

67
00:03:52,900 --> 00:03:54,900
kind of thought, provoking 
discussion with people hadn't, 

68
00:03:54,900 --> 00:03:58,100
thought, about identity Beyond 
maybe for an identity. 

69
00:03:58,700 --> 00:04:02,500
So, it really fun. 
To be get into that space, I 

70
00:04:02,500 --> 00:04:07,600
subsequently then worked on 
Son's identity management, 

71
00:04:08,300 --> 00:04:10,600
product set and did a lot of 
go-to-market work there as well.

72
00:04:10,600 --> 00:04:14,600
So yeah, that's how I first got 
an identity as out of the space 

73
00:04:14,600 --> 00:04:19,100
for a while, then I got back 
into it when I joined Fido lines

74
00:04:19,100 --> 00:04:22,400
around five years ago. 
And one thing that's kind of fun

75
00:04:22,400 --> 00:04:25,600
was to see that. 
A same concept, we're talking 

76
00:04:25,600 --> 00:04:27,200
about the enter are relevant 
today. 

77
00:04:28,000 --> 00:04:31,100
Be some of the standards 
actually, now being Used and 

78
00:04:31,100 --> 00:04:33,200
seeing a lot of the people who 
have worked with back then are 

79
00:04:33,207 --> 00:04:35,100
still in the space. 
In fact, a lot of them are 

80
00:04:35,100 --> 00:04:38,300
inside of Fido lines. 
So it's been nice to kind of 

81
00:04:38,308 --> 00:04:43,300
reunite and get deeper in the 
identity Marketplace. 

82
00:04:45,000 --> 00:04:45,900
That's great. 
Andrew. 

83
00:04:46,400 --> 00:04:49,600
One of the things I think kind 
of the starting point we ought 

84
00:04:49,600 --> 00:04:54,400
to start with, which is what is 
Fido, and why was it founded? 

85
00:04:56,000 --> 00:05:00,100
Yeah, so if I do, Alliance was 
founded to address. 

86
00:05:00,100 --> 00:05:04,400
The data breach plague. 
You know, data breaches continue

87
00:05:04,400 --> 00:05:09,600
to grow and scale and a number 
of attackers are growing 

88
00:05:09,600 --> 00:05:14,400
sophistication and tools and and
the vast majority of data 

89
00:05:14,400 --> 00:05:17,800
breaches are caused by 
passwords, right? 

90
00:05:17,800 --> 00:05:21,200
So you two patterns being 
compromised stolen, Cask, 

91
00:05:21,200 --> 00:05:24,100
passwords being stuffed, social 
engineering, taking password, go

92
00:05:24,100 --> 00:05:27,500
to someone stands up, Sports 
cars, you know, over 80% of data

93
00:05:27,500 --> 00:05:32,000
breaches on an annual basis. 
And so, you know, passwords are 

94
00:05:32,008 --> 00:05:35,000
very much acceptance of the 
spear to address. 

95
00:05:35,000 --> 00:05:38,600
The database problem which is 
why the title is focused on 

96
00:05:38,600 --> 00:05:42,000
that, right? 
So our mission is simply to 

97
00:05:42,000 --> 00:05:46,800
reduce industry relies on 
passwords in favor as vital 

98
00:05:46,800 --> 00:05:50,500
authentication. 
Fundamentally what Fido is doing

99
00:05:50,500 --> 00:05:54,200
is trying to shift the market 
and shipped industry. 

100
00:05:55,100 --> 00:05:58,200
The way from being dependent on 
not as passwords. 

101
00:05:58,200 --> 00:06:01,300
It really all server-side shared
secrets and server side 

102
00:06:01,300 --> 00:06:03,500
authentication in favor of an 
approach that leverages 

103
00:06:03,500 --> 00:06:06,900
public-key cryptography and 
takes advantage of devices that 

104
00:06:06,900 --> 00:06:09,400
are in use your scans every day,
right. 

105
00:06:09,400 --> 00:06:12,600
So our tagline is simpler 
stronger authentication, so it's

106
00:06:12,600 --> 00:06:13,900
stronger. 
Authentication using the public 

107
00:06:13,900 --> 00:06:17,700
key cryptography, but also 
simpler because any side 

108
00:06:17,700 --> 00:06:21,900
authentication activity is done 
with a single single gesture. 

109
00:06:22,900 --> 00:06:26,300
So whether that's touching my 
finger to a phone touching, a 

110
00:06:26,300 --> 00:06:30,500
security key in certain security
key, using face, ID, or Windows,

111
00:06:30,500 --> 00:06:32,500
hello. 
This is all just one gesture for

112
00:06:32,500 --> 00:06:35,000
me to authenticate myself. 
And I think that's really 

113
00:06:35,000 --> 00:06:41,400
important because as we've all 
seen, If a second you know if if

114
00:06:41,400 --> 00:06:43,300
security is too hard, will won't
use it. 

115
00:06:43,400 --> 00:06:46,500
The option rates, go down 
especially with consumers. 

116
00:06:47,000 --> 00:06:50,200
Often rates for second Factor 
authentication, go down, the 

117
00:06:50,200 --> 00:06:53,400
more complex, it is. 
So we think that, you know, 

118
00:06:53,600 --> 00:06:57,100
decreasing friction while 
increasing security is the 

119
00:06:57,100 --> 00:06:58,700
approach. 
We need to take to get people, 

120
00:06:58,700 --> 00:07:01,100
to actually adopt stronger 
communication. 

121
00:07:01,800 --> 00:07:05,900
Now, one other note, I want to 
make As I said all shared 

122
00:07:05,900 --> 00:07:11,300
secrets on the sermon, right? 
So while any form of MFA or two,

123
00:07:11,300 --> 00:07:15,700
if a any second factor for 
authentication, is better than 

124
00:07:15,700 --> 00:07:19,600
passwords loan and will protect 
people against scalable tax, 

125
00:07:21,500 --> 00:07:23,000
frankly. 
Anything on a server can will be

126
00:07:23,000 --> 00:07:28,600
stolen, so that includes otps. 
Otps are still shared secret, 

127
00:07:28,700 --> 00:07:30,800
they're still on a server. 
I'll be it for a much shorter 

128
00:07:30,800 --> 00:07:33,900
period of time, but they can be 
manipulated through a man in the

129
00:07:33,900 --> 00:07:35,800
middle attack. 
That replay attack and things 

130
00:07:35,800 --> 00:07:38,800
like that. 
You know, that's how you know, a

131
00:07:38,800 --> 00:07:41,400
lot of spearfishing. 
It attacks are successful, 

132
00:07:41,400 --> 00:07:43,200
people think are protected, but 
they're really not. 

133
00:07:43,600 --> 00:07:48,100
So, you know, half those are 
good at their jobs which is why 

134
00:07:48,200 --> 00:07:50,600
over 40% of phishing attempts 
are successful. 

135
00:07:51,300 --> 00:07:54,100
So we need to put tools in the 
hands of users, that help 

136
00:07:54,100 --> 00:07:57,100
protect them from the bad guys 
and also from themselves because

137
00:07:57,100 --> 00:08:00,100
it's very easy to get fished, 
frankly, there's no shame in it 

138
00:08:00,100 --> 00:08:01,900
because you're dealing with 
professionals. 

139
00:08:02,500 --> 00:08:06,900
So we need to Implement fight 
authentication to help people, 

140
00:08:07,300 --> 00:08:10,900
prevent prevent people from 
getting their cows, taking over 

141
00:08:10,900 --> 00:08:12,600
other nefarious, things 
happening. 

142
00:08:14,000 --> 00:08:16,400
What I'd like to add to that. 
I think you should only really 

143
00:08:16,400 --> 00:08:18,400
good point about phishing 
attacks. 

144
00:08:18,400 --> 00:08:21,100
As you know, we run into the 
phishing attack. 

145
00:08:21,100 --> 00:08:24,800
Where you think gosh person must
be stupid to fall for those but 

146
00:08:24,800 --> 00:08:29,600
I've seen some, you know, 
especially videos and Conference

147
00:08:29,600 --> 00:08:34,000
presentations from like black 
hat where these phishing attack,

148
00:08:34,000 --> 00:08:36,500
some of them are extremely 
sophisticated. 

149
00:08:36,799 --> 00:08:42,799
They'll poses a site like Google
have you log in and provide a 

150
00:08:42,799 --> 00:08:44,500
one-time. 
Word really? 

151
00:08:44,500 --> 00:08:48,300
They're taking that then and in 
the background authenticating 

152
00:08:48,300 --> 00:08:52,400
you and then, you know, changing
your password while you're in 

153
00:08:52,400 --> 00:08:57,200
the site and it's like I can see
how people can can get duped 

154
00:08:57,200 --> 00:08:58,700
into those. 
Now those are the more 

155
00:08:58,700 --> 00:09:02,100
sophisticated ones is not your 
everyday phishing attack but you

156
00:09:02,100 --> 00:09:04,900
know when the risk is high it 
certainly there. 

157
00:09:05,300 --> 00:09:07,200
Yeah. 
I mean I just want to come back 

158
00:09:07,200 --> 00:09:11,400
the data point as a Google 
statistic 40% of well-designed 

159
00:09:11,400 --> 00:09:14,300
phishing attacks are successful.
Arthur you had like you said, 

160
00:09:14,300 --> 00:09:16,300
we're not talking about a 
Nigerian prince, you know, 

161
00:09:18,000 --> 00:09:19,900
sloppy emails. 
But these are in a well-designed

162
00:09:20,300 --> 00:09:22,400
phishing attacks of a 40% 
success rate. 

163
00:09:22,400 --> 00:09:25,300
Now, the click rate success 
rate, which is a staggering 

164
00:09:25,300 --> 00:09:28,900
number which you know, it shows 
that fishing pays it really 

165
00:09:28,900 --> 00:09:31,800
starts to outline the depth of 
this problem. 

166
00:09:33,100 --> 00:09:38,000
At 40% is an astronomical number
considering that usually, that 

167
00:09:38,000 --> 00:09:41,900
kind of attack is, is talking 
about single digit success, 

168
00:09:41,900 --> 00:09:44,100
right? 
So if you can, I mean, that is 

169
00:09:44,100 --> 00:09:47,500
just crazy. 
How many people fall for it, and

170
00:09:47,500 --> 00:09:51,600
sometimes it's, you know, 
obviously user education plays, 

171
00:09:51,600 --> 00:09:54,100
a big part in to it. 
But, you know, even the best can

172
00:09:54,100 --> 00:09:55,500
get fooled. 
And, you know, we saw what 

173
00:09:55,500 --> 00:09:58,700
recently happened with Twitter, 
right, where they got socially 

174
00:09:58,700 --> 00:10:02,200
engineered and someone got in 
and you did some things. 

175
00:10:02,200 --> 00:10:03,100
I'm thankful. 
IE. 

176
00:10:03,100 --> 00:10:05,900
They only care about Bitcoin but
they could have done a world of 

177
00:10:05,900 --> 00:10:09,600
damage like literally just based
off of that that social 

178
00:10:09,600 --> 00:10:11,400
engineering attack and then 
getting access to the inside 

179
00:10:11,400 --> 00:10:12,700
tool. 
So I think it's important to 

180
00:10:12,708 --> 00:10:17,900
understand that even though you 
have education, you need to back

181
00:10:17,900 --> 00:10:23,200
end it with good, strong methods
to enforce and reinforce the 

182
00:10:23,200 --> 00:10:24,500
security message. 
You're putting out there which 

183
00:10:24,500 --> 00:10:29,100
is why MFA is so important. 
So I'm glad your em not to get 

184
00:10:29,100 --> 00:10:32,200
off track on the, on the, the 
direction I want to take this, 

185
00:10:32,200 --> 00:10:37,000
but I'm glad You raised Twitter 
because I think you know what 

186
00:10:37,000 --> 00:10:40,100
needs to be clear is that, that 
attack could not have happened. 

187
00:10:40,700 --> 00:10:44,400
If those administrators were 
using Fido Securities. 

188
00:10:44,400 --> 00:10:46,600
Grab the social engineering 
attack, could not have been 

189
00:10:46,600 --> 00:10:49,800
successful if those never gab 
menswear you who are obviously, 

190
00:10:49,800 --> 00:10:53,500
you know, smart top of users, if
they were using fight a 

191
00:10:53,508 --> 00:10:55,700
Securities that that would not 
have been successful. 

192
00:10:57,200 --> 00:10:59,200
It's probably one of the bigger 
things you could do in an 

193
00:10:59,200 --> 00:11:01,400
organization. 
It still shocks me when when Jim

194
00:11:01,400 --> 00:11:04,800
and I are working with folks out
there that MFA is not kind of 

195
00:11:04,800 --> 00:11:07,400
standardized. 
I think, what's becoming more 

196
00:11:07,400 --> 00:11:10,000
prevalent? 
Is that MFA is put in place for 

197
00:11:10,000 --> 00:11:12,700
what they consider privileged 
access typically but they're 

198
00:11:12,708 --> 00:11:15,700
still not protecting normal 
users right from that kind of 

199
00:11:15,700 --> 00:11:18,400
thing. 
So, I think at this point, you 

200
00:11:18,400 --> 00:11:19,900
know, even Gartner think 
mentioned it. 

201
00:11:20,200 --> 00:11:23,600
I don't know if his last year 
year before that MFA is Baseline

202
00:11:23,600 --> 00:11:27,400
at this point, password is not 
good enough and The easier you 

203
00:11:27,400 --> 00:11:31,200
can make MFA the better 
experience it is. 

204
00:11:31,800 --> 00:11:33,900
You know, the easier Spears is 
going to be for the user, which 

205
00:11:33,900 --> 00:11:37,200
means that your security 
increases and makes it a lot lot

206
00:11:37,200 --> 00:11:39,300
better for everybody. 
So that's why I think that Fido 

207
00:11:39,300 --> 00:11:44,400
is is great because I can see 
the usability benefits of it. 

208
00:11:44,500 --> 00:11:46,700
And you know some of the 
challenges that it typically 

209
00:11:46,700 --> 00:11:51,500
solves around some of the more 
Legacy approaches to MFA. 

210
00:11:51,500 --> 00:11:56,200
Right things like tokens and you
know, SMS which are easy to 

211
00:11:56,800 --> 00:11:59,400
Oops, relatively speaking, you 
know, from a security standpoint

212
00:11:59,400 --> 00:12:02,300
you know e.l. one-time passwords
like all use all the stuff that 

213
00:12:02,300 --> 00:12:04,800
you said around it being stored 
somewhere in a server, write 

214
00:12:04,800 --> 00:12:06,200
that kind of thing. 
But also just the usability 

215
00:12:06,200 --> 00:12:09,600
aspect of it is huge. 
Jeff. 

216
00:12:09,600 --> 00:12:13,100
I'd also add to that, you know, 
that is the other angle. 

217
00:12:13,200 --> 00:12:17,700
So when you think about the 
statement passwords are dead or 

218
00:12:17,700 --> 00:12:22,100
pastors should be dead, 
passwords are dinosaurs, it's 

219
00:12:22,100 --> 00:12:26,400
not just the security aspect. 
It's also the usability aspect 

220
00:12:26,400 --> 00:12:31,700
and for me, that's a big reason.
Why Fido is so important and 

221
00:12:31,700 --> 00:12:34,900
room wondering, if you could 
kind of talk about the usability

222
00:12:35,400 --> 00:12:37,200
angle and why that's so 
important? 

223
00:12:38,400 --> 00:12:41,000
Yeah, fully. 
So, you know, as I mentioned 

224
00:12:41,000 --> 00:12:43,600
before, you invited tagline is 
simpler stronger, 

225
00:12:43,600 --> 00:12:45,200
authentication. 
And I think their part and 

226
00:12:45,200 --> 00:12:49,200
parcel, you know, if it's not 
easy, people use it and it needs

227
00:12:49,200 --> 00:12:53,800
to be easy for Mass adoption. 
So, if itís focused on a single 

228
00:12:53,800 --> 00:12:56,700
gesture strong user 
authentication. 

229
00:12:58,200 --> 00:13:02,600
So, let's take a different lean 
on this and look at traditional 

230
00:13:02,600 --> 00:13:05,100
means of an effect. 
All right, so that multi-factor 

231
00:13:05,100 --> 00:13:07,700
authentication is to a phase is 
not new. 

232
00:13:09,000 --> 00:13:10,800
But it's had some challenges, 
right? 

233
00:13:10,800 --> 00:13:13,500
And they have both security and 
usability challenges, all right.

234
00:13:13,500 --> 00:13:16,100
So the traditional means, you 
know, what going way back is 

235
00:13:16,100 --> 00:13:21,900
having like a token dedicated 
token with totp on it but a 

236
00:13:21,908 --> 00:13:23,500
dedicated piece of hardware for 
Easter. 

237
00:13:23,500 --> 00:13:26,600
So say you have I also talked 
about that he's ability for a 

238
00:13:26,600 --> 00:13:28,300
second. 
One, is you have to know if 

239
00:13:28,300 --> 00:13:31,400
you're doing a lot of sensitive 
work, you have multiple tokens. 

240
00:13:31,400 --> 00:13:34,900
We have the token keychain 
problem to you need to literally

241
00:13:34,900 --> 00:13:38,000
juggle, you know, devices to 
enter in the code. 

242
00:13:38,100 --> 00:13:42,700
Code to verify yourself with it 
with two new system. 

243
00:13:44,100 --> 00:13:47,100
Now compare that to find him, 
we're everything the tokens that

244
00:13:47,100 --> 00:13:48,300
you have. 
So, you're using external 

245
00:13:48,300 --> 00:13:50,600
security key. 
But we call Roman authenticator,

246
00:13:51,100 --> 00:13:53,000
you know, that can support 
multiple services. 

247
00:13:53,200 --> 00:13:55,500
And again, all you need to do is
touch it or insert it is. 

248
00:13:55,500 --> 00:13:57,500
All you're doing is proving 
possession of the advice. 

249
00:13:58,400 --> 00:14:01,100
So there's a good example right 
there of how. 

250
00:14:01,300 --> 00:14:04,900
If I do provides a superior user
experience over the traditional 

251
00:14:06,000 --> 00:14:08,000
token-based means the 
multi-factor Authentication. 

252
00:14:08,100 --> 00:14:12,400
Ocean. 
Additionally, if I do obviously 

253
00:14:12,400 --> 00:14:15,600
supports Biometrics, which 
brings the same benefits of 

254
00:14:16,800 --> 00:14:20,000
security and privacy at Fidos, 
public key cryptography, 

255
00:14:20,000 --> 00:14:24,000
underlying architecture but you 
can use biometric to prove 

256
00:14:24,000 --> 00:14:27,400
possession and to verify 
yourself also and that's even 

257
00:14:27,400 --> 00:14:29,800
easier, right? 
Where you just literally again 

258
00:14:30,800 --> 00:14:32,900
touching a device or you're 
looking at a camera, right? 

259
00:14:32,900 --> 00:14:37,300
So, Any of our users, any of 
your listeners who use Windows? 

260
00:14:37,300 --> 00:14:38,600
Hello. 
Are you seeing this every day? 

261
00:14:39,200 --> 00:14:42,700
But I logged into my PC looking 
at my camera I mean it doesn't 

262
00:14:42,700 --> 00:14:46,200
get much easier than that or by 
touching my personal favorite 

263
00:14:46,200 --> 00:14:48,300
are brain scanner or using a 
local pin. 

264
00:14:48,600 --> 00:14:51,300
Now the key thing is that all 
this is local on the device and 

265
00:14:51,300 --> 00:14:56,500
all very user-friendly single 
action to you know do things 

266
00:14:56,500 --> 00:14:58,200
that are traditionally 
associated with a locking 

267
00:14:58,200 --> 00:15:01,400
devices. 
Are now being used with Fido to 

268
00:15:01,400 --> 00:15:04,000
log me in, right? 
So that's kind of the smaller 

269
00:15:04,100 --> 00:15:05,900
Little League. 
We need people to take is that 

270
00:15:06,400 --> 00:15:09,900
unlock means login and the same 
easy mechanism you have for. 

271
00:15:09,900 --> 00:15:14,000
That is actually doing a highly 
secure authentication process 

272
00:15:14,400 --> 00:15:18,900
through the same exact action. 
I'm a big fan of Windows. 

273
00:15:18,900 --> 00:15:21,900
Hello. 
I have been for years and, you 

274
00:15:21,908 --> 00:15:25,200
know, I think Jim is mentioned 
before, but I'm kind of a tech 

275
00:15:25,200 --> 00:15:27,300
geek tech nerd, some kind of on 
The Cutting Edge of the 

276
00:15:27,300 --> 00:15:29,900
technology usually and you know,
I saw Windows. 

277
00:15:29,900 --> 00:15:33,400
Hello several years back when it
was first rolling out and I 

278
00:15:33,400 --> 00:15:37,600
couldn't wait for that Hardware 
to become more prevalent in the 

279
00:15:37,600 --> 00:15:40,900
Enterprise because typically 
Enterprise Hardware Cycles are 

280
00:15:41,200 --> 00:15:43,100
somewhere in the two to four 
year range. 

281
00:15:43,100 --> 00:15:46,400
You know if not longer and you 
know, it's going to be a couple 

282
00:15:46,400 --> 00:15:48,900
of years before. 
The fingerprint reader. 

283
00:15:49,000 --> 00:15:52,900
The, you know, the IR camera is 
standard Hardware right on most 

284
00:15:52,900 --> 00:15:54,800
Enterprise devices. 
So I'm excited to see that 

285
00:15:54,800 --> 00:15:58,500
becoming more of an option in 
the Enterprise and I'm really 

286
00:15:58,500 --> 00:16:01,900
excited to hear that Apple join 
the fight Alliance relative 

287
00:16:01,900 --> 00:16:03,200
recently. 
Think it was maybe a couple 

288
00:16:03,200 --> 00:16:06,800
months ago at this point and I'm
hopeful that things like touch 

289
00:16:06,800 --> 00:16:09,100
ID and the rumored face ID on 
the Mac books. 

290
00:16:09,100 --> 00:16:12,400
For example, that might be 
coming out in the future, might 

291
00:16:12,400 --> 00:16:15,400
be taking advantage of that and 
I know that you've got a lot of 

292
00:16:15,400 --> 00:16:17,100
big Heavy Hitters in the 
industry. 

293
00:16:17,100 --> 00:16:20,900
Maybe In talk a little bit about
folks like Microsoft and Apple 

294
00:16:20,900 --> 00:16:23,800
and other organizations Google 
that. 

295
00:16:23,800 --> 00:16:26,000
That might be part of the 
alliance and what that brings to

296
00:16:26,000 --> 00:16:28,100
the table. 
Yeah, absolutely. 

297
00:16:29,000 --> 00:16:32,000
And so, Apple did join photos 
board of directors in January of

298
00:16:32,000 --> 00:16:33,600
this year and it's been really 
great. 

299
00:16:33,600 --> 00:16:38,100
And I think once you have makes 
50 unique and I've done a number

300
00:16:38,100 --> 00:16:40,100
of Standards, I mentioned, 
Liberty Alliance, I've done. 

301
00:16:40,100 --> 00:16:43,300
Other kind of multi stakeholder 
organizations in my career. 

302
00:16:44,000 --> 00:16:45,700
What makes 50 unique is that 
there isn't really an 

303
00:16:45,700 --> 00:16:48,600
alternative standards Effort 
right. 

304
00:16:48,600 --> 00:16:53,400
There is no betamax our VHS not 
to date myself, but if you're 

305
00:16:53,400 --> 00:16:55,600
interested in standards based 
authentication, it's really 

306
00:16:55,600 --> 00:16:59,800
quite oh and apple joining at 
the beginning of year really 

307
00:16:59,800 --> 00:17:04,599
unified the industry around side
of authentication. 

308
00:17:04,599 --> 00:17:08,500
So I think it's really important
but amongst our members, we have

309
00:17:08,500 --> 00:17:13,099
250 something members in the 
alliance include have board 

310
00:17:13,599 --> 00:17:16,200
around 40 companies. 
And I think, what's really cool 

311
00:17:16,200 --> 00:17:19,400
about our board of directors is 
a It has the right composition 

312
00:17:19,400 --> 00:17:22,099
accompany the right composition 
companies to address this 

313
00:17:22,099 --> 00:17:28,600
password problem. 
So first we have kind of loosely

314
00:17:29,300 --> 00:17:32,600
described these companies as 
device manufacturers. 

315
00:17:32,600 --> 00:17:39,600
So people who are creating the 
devices and platforms that we 

316
00:17:39,608 --> 00:17:42,200
use everyday. 
So companies on a ship's outside

317
00:17:42,200 --> 00:17:45,800
like Garnet Intel and Finney and
groups like that but the 

318
00:17:45,800 --> 00:17:51,500
platform's right? 
So Microsoft Google Apple device

319
00:17:51,500 --> 00:17:53,800
manufacturers like Samsung 
Lenovo right? 

320
00:17:53,800 --> 00:17:57,200
All these companies are involved
with Fido making sure these 

321
00:17:57,200 --> 00:18:00,500
platforms and devices support 
fight authentication. 

322
00:18:01,100 --> 00:18:05,800
Secondly, we have experts in 
security and Biometrics so both 

323
00:18:05,900 --> 00:18:09,500
stalwarts long time stalwarts 
like RSA and groups like that 

324
00:18:09,500 --> 00:18:12,700
and once fan but also you know, 
emerging companies are really 

325
00:18:12,700 --> 00:18:16,200
driving a lot of innovation and 
the authentication space like 

326
00:18:16,200 --> 00:18:18,700
you would go and hyper. 
And Knock-Knock and groups like 

327
00:18:18,700 --> 00:18:20,400
that, what you're really getting
a lot of traction. 

328
00:18:21,600 --> 00:18:24,500
And last but not least, we have 
the service providers, grab 

329
00:18:24,500 --> 00:18:27,800
these are the companies whose 
businesses are dependent upon 

330
00:18:27,800 --> 00:18:31,100
their ability to deliver High 
Assurance services to billions 

331
00:18:31,100 --> 00:18:33,800
of users worldwide on daily 
basis for estimating. 

332
00:18:33,800 --> 00:18:37,200
They are dependent on Fido being
successful or else you have to 

333
00:18:37,200 --> 00:18:39,600
go in and on standards 
Direction. 

334
00:18:40,000 --> 00:18:42,500
And so these are the, you know, 
the big social networking 

335
00:18:42,500 --> 00:18:47,100
companies like Facebook and 
groups like that. 

336
00:18:47,700 --> 00:18:51,000
Converse companies, like Amazon 
payments, networks MasterCard, 

337
00:18:51,000 --> 00:18:55,500
Visa American Express big banks.
These are the companies that are

338
00:18:55,500 --> 00:18:59,000
helping steer Fido lines. 
So I think when you look at that

339
00:18:59,000 --> 00:19:01,900
kind of breadth of membership 
that we have at the top, which 

340
00:19:01,900 --> 00:19:06,300
is also reflected throughout the
rest of our membership, you 

341
00:19:06,300 --> 00:19:08,800
know, I think it gives us a 
really good starting point to 

342
00:19:08,800 --> 00:19:11,800
help us be successful. 
In doing the three things that 

343
00:19:11,800 --> 00:19:16,300
finalized does, which is a bill 
technical specifications based 

344
00:19:16,300 --> 00:19:19,300
on Market. 
He's be, we Grant a 

345
00:19:19,300 --> 00:19:22,300
certification programming 
building a really diverse 

346
00:19:22,300 --> 00:19:26,200
ecosystem of products that are 
quite a certified, which 

347
00:19:26,900 --> 00:19:29,900
companies can use to deploy 
fighter with indication the 

348
00:19:29,900 --> 00:19:32,100
last. 
But not least, you know, develop

349
00:19:32,100 --> 00:19:35,700
best practices and help people 
be successful in understanding 

350
00:19:35,700 --> 00:19:37,600
and driving adoption if I do 
authentication. 

351
00:19:38,500 --> 00:19:42,900
So, yeah, cover the question 
starting with the Apple, but I 

352
00:19:42,908 --> 00:19:45,500
think it's really important to 
look at the full range of 

353
00:19:45,500 --> 00:19:48,900
members that we have. 
Driving 50 Ford. 

354
00:19:50,200 --> 00:19:51,900
Yeah, absolutely. 
I think that was a great 

355
00:19:51,900 --> 00:19:55,200
overview. 
You know, one thing that I 

356
00:19:55,200 --> 00:19:58,300
didn't really understand this 
until I started doing more 

357
00:19:58,300 --> 00:20:02,300
research is what is the 
difference between Fido and Fido

358
00:20:02,300 --> 00:20:07,200
too? 
Yeah, well, so let's back up and

359
00:20:07,200 --> 00:20:10,000
talk about photos specification 
than 50 architecture. 

360
00:20:10,000 --> 00:20:12,100
At a high level, but 
specifications. 

361
00:20:12,900 --> 00:20:16,700
So, as I mentioned previously, 
if I do authentication leverages

362
00:20:17,600 --> 00:20:19,800
public key cryptography, 
user-friendly public key 

363
00:20:19,800 --> 00:20:24,000
cryptography, High vertical, be 
called pki evolved. 

364
00:20:24,700 --> 00:20:26,400
But the key thing that we're 
doing is introducing, the 

365
00:20:26,408 --> 00:20:31,000
concept of an authenticator. 
An authenticator is both a 

366
00:20:31,000 --> 00:20:35,900
saying, in a concept, its base 
Ali where the private key 

367
00:20:36,000 --> 00:20:39,800
stored. 
And so, instead of having being 

368
00:20:39,800 --> 00:20:43,100
dependent on passwords on a 
server and study using public 

369
00:20:43,100 --> 00:20:46,600
key cryptography, you have a 
unique key pair for each Fido 

370
00:20:47,000 --> 00:20:49,000
account. 
The private key saves the 

371
00:20:49,000 --> 00:20:52,600
authenticator secure on the 
user's device and a public key 

372
00:20:53,000 --> 00:20:56,600
sits on the server instead of a 
password as we all know public 

373
00:20:56,600 --> 00:20:59,200
Keys, have no material value, 
the can't be reused. 

374
00:20:59,200 --> 00:21:03,900
So when, if and when I do, you 
know, Happens. 

375
00:21:05,400 --> 00:21:07,400
One thing it's not stolen is 
password, right? 

376
00:21:07,400 --> 00:21:11,000
Which starts to break that 
credentials that cycle, which is

377
00:21:11,000 --> 00:21:18,200
plaguing so many companies. 
But if I do specifications, So 

378
00:21:18,200 --> 00:21:20,000
the first intifada 
specifications are came out. 

379
00:21:21,000 --> 00:21:23,500
There are two. 
One is focused on a biometric 

380
00:21:23,500 --> 00:21:25,500
use case. 
I've just called 50 uaf out a 

381
00:21:25,508 --> 00:21:26,900
universal authentication 
framework. 

382
00:21:27,600 --> 00:21:31,300
And a second one was based on a 
second Factor, use case you to 

383
00:21:31,300 --> 00:21:34,800
F, which is popularized by 
gimmicky and all the other 

384
00:21:34,800 --> 00:21:37,300
companies. 
Now making biosecurity keys, 

385
00:21:37,800 --> 00:21:43,200
both of those have the same 
approach to underline with. 

386
00:21:43,200 --> 00:21:46,600
Again, if I do public key 
cryptography, underlying 

387
00:21:46,600 --> 00:21:49,500
architecture Supporting both to 
the differences. 

388
00:21:49,500 --> 00:21:51,900
With uaf is basically password 
replacement. 

389
00:21:51,900 --> 00:21:57,900
The biometric and u2f it was 
using activating the private Key

390
00:21:57,900 --> 00:22:01,400
by verifying possession. 
That device Again by inserting 

391
00:22:01,400 --> 00:22:04,100
your touching and interactions 
with security key. 

392
00:22:05,000 --> 00:22:08,600
Whereas back in a second with 
uaf, use a biometric to verify 

393
00:22:08,600 --> 00:22:10,900
yourself so that the private key
could be activated. 

394
00:22:11,700 --> 00:22:14,200
Those are the the first steps in
spite of specifications. 

395
00:22:15,400 --> 00:22:17,700
We saw strong take up with both 
uaf and you. 

396
00:22:17,900 --> 00:22:22,900
Laughs, you two have had strong 
pickups a inside of Google and 

397
00:22:22,900 --> 00:22:26,200
is attached to Google services. 
It still supports Google 

398
00:22:26,200 --> 00:22:33,000
services uaf was underpinning. 
A lot of native apps for I said 

399
00:22:33,000 --> 00:22:36,500
to the average user uaf looks no
different than if you have you a

400
00:22:36,508 --> 00:22:39,900
UF app on your iPhone, it look 
no different than your usual 

401
00:22:39,900 --> 00:22:42,700
Touch ID experience but is using
all the benefits of fight 

402
00:22:42,700 --> 00:22:46,000
authentication, rather than just
doing a kind of a password cut 

403
00:22:46,000 --> 00:22:47,300
and paste, which is what the 
native. 

404
00:22:47,900 --> 00:22:50,900
Biometric would do typically 
with with Touch ID. 

405
00:22:52,600 --> 00:22:54,600
So even though we have good 
uptake with both both two of 

406
00:22:54,600 --> 00:23:00,600
those, what photo realizes up to
gain scale, and to truly be in 

407
00:23:00,600 --> 00:23:05,500
position position to address. 
A password problem, we needed to

408
00:23:05,500 --> 00:23:08,300
Target the platforms starting 
with the web, right? 

409
00:23:08,300 --> 00:23:12,100
So if I do was working on 
something called the phyto 2.0, 

410
00:23:12,100 --> 00:23:17,600
web, apis inside the alliance. 
We made a strategic decision to 

411
00:23:17,800 --> 00:23:23,300
Contribute. 
These to the w3c and that became

412
00:23:24,200 --> 00:23:27,000
the web authentication working 
group The Wave off and working 

413
00:23:27,000 --> 00:23:32,400
group instead of w3c started in 
the beginning 2016 and that's 

414
00:23:32,400 --> 00:23:35,000
how, you know, 50 decided to 
Target the web. 

415
00:23:35,100 --> 00:23:37,300
Right. 
So in Coop and cooperation with 

416
00:23:37,300 --> 00:23:40,700
w3c and it'll often working 
group got a lot of stakeholders 

417
00:23:40,700 --> 00:23:43,300
and both Fido and w3c working on
that. 

418
00:23:43,900 --> 00:23:46,700
That's part of the fight, a to 
specification. 

419
00:23:47,600 --> 00:23:50,800
The other part of the part of to
specification was an extension 

420
00:23:50,800 --> 00:23:55,100
of u2f called CPAP clients 
authenticator protocol which you

421
00:23:55,100 --> 00:23:58,600
stand in the you to Fu stays to 
do a couple of things. 

422
00:23:58,600 --> 00:24:04,400
One, it allows for pasture was 
Suffocation by enabling resident

423
00:24:04,400 --> 00:24:08,100
credentials in a security key 
but secondly it also extends the

424
00:24:08,108 --> 00:24:12,200
use case to allow devices to be 
authentic are so now your 

425
00:24:12,200 --> 00:24:15,300
handset could be a security key 
in addition to security key. 

426
00:24:15,300 --> 00:24:17,300
So that starts to broaden the 
address. 

427
00:24:17,400 --> 00:24:21,300
It'll basically users who can 
leverage provide authentication 

428
00:24:21,300 --> 00:24:24,200
on the client side. 
Those two things together, web 

429
00:24:24,200 --> 00:24:26,600
off then and CCAP comprised by 
De to. 

430
00:24:27,700 --> 00:24:30,000
So you see a lot of talk wife, I
do too because that's where a 

431
00:24:30,000 --> 00:24:36,000
lot of Enterprises are starting 
to really move towards because 

432
00:24:36,000 --> 00:24:39,800
phyto to is supported in the 
windows environment and in a lot

433
00:24:39,800 --> 00:24:41,700
of kind of Enterprise 
infrastructure. 

434
00:24:42,700 --> 00:24:44,900
So that's one reason why there's
a lot more adoption. 

435
00:24:44,900 --> 00:24:48,400
I think an Enterprise with photo
to then May have seen with just 

436
00:24:48,400 --> 00:24:52,800
u2f, but frankly, it's that kind
of platform support and the web 

437
00:24:52,800 --> 00:24:56,900
support. 
That's really reassuring in a 

438
00:24:57,500 --> 00:25:00,000
huge wave of adoption for fight 
authentication. 

439
00:25:00,400 --> 00:25:04,300
So specifically, if I do to 
supporting in a couple important

440
00:25:04,300 --> 00:25:07,900
platforms, one is the web graph 
so that benefit one of the 

441
00:25:07,900 --> 00:25:11,500
benefits of working in w3c is 
that as soon as we want families

442
00:25:11,500 --> 00:25:15,100
done as part of the pilot to 
spec we had support out of the 

443
00:25:15,100 --> 00:25:20,000
box from leading web browsers. 
From Microsoft Mozilla and 

444
00:25:20,000 --> 00:25:25,200
Google and later on Apple has 
been supporting about, then in 

445
00:25:25,200 --> 00:25:27,000
Safari. 
So that's what that's a platform

446
00:25:27,000 --> 00:25:31,700
and of itself separately as we 
talked about earlier Windows, 

447
00:25:31,700 --> 00:25:35,100
hello is if I do certified 
authenticator basically. 

448
00:25:35,200 --> 00:25:38,400
So Windows 10, is it supports 
phototube inherently? 

449
00:25:39,000 --> 00:25:43,900
So any built-in biometric on a 
Windows, 10 machine can be used 

450
00:25:43,900 --> 00:25:48,100
in lieu of a password for your 
login on sites, that Part. 

451
00:25:48,400 --> 00:25:50,300
Well I said well, identified 
Authentication. 

452
00:25:51,400 --> 00:25:54,500
So what some windows tenza is a 
fight, a certified environment. 

453
00:25:54,800 --> 00:25:58,500
Additionally, Android is if I do
certified environment. 

454
00:25:58,500 --> 00:26:01,800
So any Android 7 or later, 
handset can support by do 

455
00:26:01,800 --> 00:26:06,600
authentication and likewise use 
the local biometric instead of a

456
00:26:06,600 --> 00:26:10,700
password both for Native apps 
and for, for web based 

457
00:26:10,700 --> 00:26:12,500
authentication. 
All right, so good example. 

458
00:26:12,500 --> 00:26:16,400
This, for those of you who have 
an Android device, visit, 

459
00:26:16,400 --> 00:26:20,000
ebay.com, and go to login with 
your Android device, and it will

460
00:26:20,000 --> 00:26:23,700
prompt you. 
To use your biometric instead of

461
00:26:24,100 --> 00:26:28,000
using the password. 
And then most recently, Apple 

462
00:26:28,000 --> 00:26:32,700
announced support for Fido and 
their update to iOS and Mac OS 

463
00:26:33,100 --> 00:26:40,300
that will allow web Safari. 
Also explicitly, support, fight 

464
00:26:40,300 --> 00:26:43,200
authentication with Native 
Biometrics on iPhones, and 

465
00:26:43,200 --> 00:26:46,500
macros. 
So that really starts to extend 

466
00:26:46,500 --> 00:26:48,900
the addressable user base. 
So all told, you know, over the 

467
00:26:48,900 --> 00:26:51,900
past year and a half, is you 
seen this platform has a If I do

468
00:26:52,300 --> 00:26:56,500
through phyto to you know 
there's billions of added 

469
00:26:56,500 --> 00:26:58,800
devices that can Now consume 500
authentication. 

470
00:26:59,500 --> 00:27:03,100
So I think that that expansion 
of the addressable Market by 

471
00:27:03,100 --> 00:27:05,700
default is one reason why we're 
seeing so many companies now, 

472
00:27:06,400 --> 00:27:09,100
ramp up their plans to support 
fighting. 

473
00:27:09,300 --> 00:27:11,900
So, yes, you know, that is going
back to your question that is 

474
00:27:11,900 --> 00:27:16,500
Phi 2 on those platforms. 
But ultimately, to us, you know,

475
00:27:16,700 --> 00:27:19,100
is I see it all as fight 
authentication because it all 

476
00:27:19,100 --> 00:27:21,100
has the same exact benefits as 
the initial. 

477
00:27:21,200 --> 00:27:26,700
So specifications brought to the
table and, you know, but it's in

478
00:27:26,700 --> 00:27:30,500
general, it's good to see this 
ground movement to support many.

479
00:27:30,800 --> 00:27:34,700
What are some of the Fido or 
Fido to Enterprise? 

480
00:27:34,800 --> 00:27:37,200
Use cases that people should be 
thinking about if they're 

481
00:27:37,200 --> 00:27:42,500
sitting in AC so chair or maybe 
as a member of an I am program 

482
00:27:42,500 --> 00:27:45,700
or I am architect, because I 
know a lot of the, the focus is 

483
00:27:45,700 --> 00:27:47,600
typically paid on the end user 
experience. 

484
00:27:48,000 --> 00:27:51,000
What if I'm trying to implement 
something like this as, you 

485
00:27:51,000 --> 00:27:53,100
know, Just a normal corporate 
environment. 

486
00:27:53,100 --> 00:27:55,300
What are some of the things that
you could offer to those types 

487
00:27:55,300 --> 00:27:59,300
of folks? 
Well, I think talk about a 

488
00:27:59,308 --> 00:28:01,200
couple of things. 
So, one, you know, you need to 

489
00:28:01,208 --> 00:28:03,600
think about your use case and 
your infrastructure. 

490
00:28:03,600 --> 00:28:07,000
I said, no environments, every 
environments, little different. 

491
00:28:08,200 --> 00:28:10,900
We talk about Microsoft support 
for Fido. 

492
00:28:11,000 --> 00:28:14,100
Right? 
So if your Microsoft shop moving

493
00:28:14,100 --> 00:28:17,100
towards Fidos is somewhat 
straightforward. 

494
00:28:17,100 --> 00:28:18,600
All right? 
So, add your ID, for example, 

495
00:28:18,600 --> 00:28:25,200
has a lot of support for, for 
users and then, of course, the 

496
00:28:25,208 --> 00:28:27,400
desktops all support, Fido as 
well. 

497
00:28:28,300 --> 00:28:30,200
But also, you know, another 
thing, I think that a lot of 

498
00:28:31,100 --> 00:28:33,000
soot surgery are dealing with 
and security. 

499
00:28:33,000 --> 00:28:38,100
Folks are worried about are the 
new entirely remote Workforce. 

500
00:28:38,400 --> 00:28:41,400
You know, how these people 
accessing system resources? 

501
00:28:41,800 --> 00:28:45,900
We were talking about fishing 
before you Fishers and are 

502
00:28:45,900 --> 00:28:49,200
targeting new remote workers. 
And so you need to make sure 

503
00:28:49,200 --> 00:28:53,400
that they're accessing systems 
as as securely as easily as 

504
00:28:53,400 --> 00:28:58,100
possible. 
So we encourage Just doesn't 

505
00:28:58,100 --> 00:29:00,900
think about deploying security 
keys after the remote Workforce 

506
00:29:01,300 --> 00:29:04,100
and get them moving that 
direction soon as possible or 

507
00:29:04,100 --> 00:29:10,000
using other kind of device 
Biometrics either on device, or 

508
00:29:10,900 --> 00:29:14,900
using a phone as a log in to 
protect their Workforce as well.

509
00:29:14,900 --> 00:29:18,400
So I think those are the key 
things to think about is what's 

510
00:29:18,400 --> 00:29:21,700
your use case, it was for a 
sexier look like and there 

511
00:29:21,700 --> 00:29:26,100
certainly are products that can 
be brought to bear to protect 

512
00:29:26,100 --> 00:29:27,500
you. 
The workers and system 

513
00:29:27,500 --> 00:29:32,600
resources, alike somehow that 
something else that Fido 

514
00:29:32,600 --> 00:29:36,200
Alliance is doing as a body. 
I mentioned before, you know, we

515
00:29:36,200 --> 00:29:38,500
do three things, one of those 
being establishing best 

516
00:29:38,500 --> 00:29:43,200
practices, for implementations 
of fight authentication, we have

517
00:29:43,200 --> 00:29:47,100
a working group Focus, only 
exclusively on Enterprise 

518
00:29:47,200 --> 00:29:51,800
deployment, use cases. 
So we just actually release the 

519
00:29:51,808 --> 00:29:56,400
white paper. 
Cxo considerations for moving to

520
00:29:56,400 --> 00:29:58,700
a patroclus Enterprise. 
It's actually going to be the 

521
00:29:58,700 --> 00:30:01,900
first in a series of papers that
get into more granular. 

522
00:30:01,900 --> 00:30:04,900
Death on exactly how to 
implement if I do decide 

523
00:30:04,900 --> 00:30:08,000
Enterprise. 
So I'd encourage people to check

524
00:30:08,000 --> 00:30:10,800
it out. 
Won't include some links as part

525
00:30:10,800 --> 00:30:13,100
of this podcast but can check 
out that serious. 

526
00:30:13,100 --> 00:30:16,200
You get more details on these 
best practice recommendations 

527
00:30:16,200 --> 00:30:20,500
which are being developed by 
actual Enterprise practitioners 

528
00:30:20,500 --> 00:30:23,800
inside if I do lines. 
So, Andrew, we talked a lot 

529
00:30:23,800 --> 00:30:27,600
about the security benefits, the
usability benefits, there's 

530
00:30:27,600 --> 00:30:33,200
obvious benefits to the 
organization thinking of from 

531
00:30:33,200 --> 00:30:37,500
the standpoint of the, the money
people, you know, moving the, 

532
00:30:37,500 --> 00:30:40,300
how does it? 
How does doing Fido move? 

533
00:30:40,300 --> 00:30:44,600
The needle mean, I can think 
from a cost perspective, you 

534
00:30:44,600 --> 00:30:48,800
know, there's avoidance of data 
breaches, but you know, can you 

535
00:30:48,800 --> 00:30:51,800
kind of address that we're 
within an organization? 

536
00:30:51,900 --> 00:30:53,900
And who cares? 
How do I get something like this

537
00:30:53,900 --> 00:30:56,700
approved? 
And how do I show that? 

538
00:30:56,700 --> 00:31:00,500
I can get an Roi and move the 
needle for the organization? 

539
00:31:02,200 --> 00:31:04,100
Yeah. 
Yeah that's a great question and

540
00:31:04,100 --> 00:31:06,100
it's interesting that I think 
opinions on this have shifted a 

541
00:31:06,108 --> 00:31:11,000
little better at least from 
gotten kind of broader. 

542
00:31:11,600 --> 00:31:14,700
So initially you know all the 
focus is on cost avoidance. 

543
00:31:15,300 --> 00:31:17,900
As you mentioned like avoiding a
data breach like the cosmic data

544
00:31:17,900 --> 00:31:20,800
breach, first of all that's 
actually enough avoiding data 

545
00:31:20,800 --> 00:31:23,200
breach from a cost standpoint. 
Point and a reputation 

546
00:31:23,200 --> 00:31:26,500
standpoint, and it should be a 
large enough imperative to move 

547
00:31:26,500 --> 00:31:29,800
away from passwords and towards 
something like photo, but with 

548
00:31:29,800 --> 00:31:35,400
other costs associated with in 
Enterprise associated, with not 

549
00:31:35,400 --> 00:31:37,700
using fighter, having complex 
authentication, right? 

550
00:31:37,700 --> 00:31:41,400
So password resets, you know, 
you see estimates for that 

551
00:31:41,400 --> 00:31:44,200
ranging from 100 to 1000 dollars
per reset. 

552
00:31:44,200 --> 00:31:48,800
Once you factor in the cost of 
downtime and systems and things 

553
00:31:48,800 --> 00:31:50,700
like that. 
So, password resets are 

554
00:31:50,700 --> 00:31:53,300
expensive. 
Lost productivity, bad. 

555
00:31:54,400 --> 00:31:57,400
If someone can't get into a 
system or can access the system 

556
00:31:57,400 --> 00:32:00,000
because it's too complex or they
forgot a password or whatever it

557
00:32:00,000 --> 00:32:04,100
might be, you're losing that 
money being spent on employee. 

558
00:32:04,100 --> 00:32:10,700
Not actually working the other 
costs are four different 

559
00:32:10,700 --> 00:32:12,600
depending on token. 
So I so the actual hardware 

560
00:32:12,600 --> 00:32:14,200
cloth associated with the in 
deploying. 

561
00:32:14,200 --> 00:32:16,900
So many tokens, the more 
advanced tokens are very 

562
00:32:16,900 --> 00:32:19,700
expensive. 
So I think inside the Enterprise

563
00:32:19,700 --> 00:32:24,100
if I do a prevent data breaches 
Has b gets rid of password, 

564
00:32:24,100 --> 00:32:27,900
resets and see makes it easier 
to log in Google did a case 

565
00:32:27,900 --> 00:32:32,700
study. 
Couple of years ago, which is we

566
00:32:32,700 --> 00:32:37,000
site often because is you tens 
of thousand employees over a 

567
00:32:37,008 --> 00:32:41,900
multi-year study using u2f 
security Keys, what they found. 

568
00:32:41,900 --> 00:32:44,300
First of all, generally talk 
about the fact that the study 

569
00:32:44,300 --> 00:32:46,900
found that not one of them got 
fished right? 

570
00:32:46,900 --> 00:32:49,800
Which is super important and 
goes to the core security 

571
00:32:49,800 --> 00:32:52,700
message and the bottom line 
benefits associated with that. 

572
00:32:53,400 --> 00:32:57,900
But other part that study points
to the fact that call center 

573
00:32:58,300 --> 00:33:04,800
support desk calls Way down and 
productivity went way up and the

574
00:33:04,800 --> 00:33:07,600
also got some sentimental 
feedback from people that they 

575
00:33:08,200 --> 00:33:09,600
like that login experience 
better. 

576
00:33:09,700 --> 00:33:12,600
So we're talking about there is 
you know those are three cops 

577
00:33:12,600 --> 00:33:15,400
battery juice. 
Plus happy employees is 

578
00:33:15,400 --> 00:33:16,700
beneficial to the company as 
well. 

579
00:33:16,700 --> 00:33:21,900
So I think there's a lot of ways
to look at how Fido creates cost

580
00:33:21,900 --> 00:33:24,200
savings and those are just some 
of them. 

581
00:33:25,100 --> 00:33:27,300
Additionally, there's Top Line 
benefits. 

582
00:33:28,200 --> 00:33:31,500
So, for companies that are 
selling to Consumers, you know, 

583
00:33:31,500 --> 00:33:36,500
around fast of shopping, cart 
abandonment, sardu to password 

584
00:33:36,500 --> 00:33:39,900
issues, people can't log in. 
They can't do that impulse. 

585
00:33:39,900 --> 00:33:45,200
Buy they decide not to buy. 
That's a huge opportunity cost. 

586
00:33:45,900 --> 00:33:52,200
Additionally, we think that 
there's brand benefit associated

587
00:33:52,200 --> 00:33:53,600
with the better login 
experience. 

588
00:33:53,600 --> 00:33:57,400
So we've recently actually 
introduced a consumer logo that 

589
00:33:57,400 --> 00:34:02,600
we anticipate service providers 
using or power bank account info

590
00:34:02,600 --> 00:34:05,700
button that we anticipate 
service providers using to 

591
00:34:06,400 --> 00:34:09,600
express their consumers that 
they are providing a, you know, 

592
00:34:09,699 --> 00:34:16,000
a industry blast, safer Superior
simpler logging experience, we 

593
00:34:16,000 --> 00:34:18,100
think there should be a halo 
effect associated with that, but

594
00:34:18,100 --> 00:34:23,000
even without the Fido, No, do 
you know a better logging 

595
00:34:23,000 --> 00:34:25,900
experience is good for good, for
one Springs. 

596
00:34:26,000 --> 00:34:27,600
Utah, so what are we saying 
before about? 

597
00:34:27,600 --> 00:34:30,800
How I think that opinions have 
evolved on this is that whereas,

598
00:34:30,800 --> 00:34:35,400
initially, most of the focuses 
on cost avoidance, we're seeing 

599
00:34:35,400 --> 00:34:38,400
a lot of companies have focus on
usability escort service, this 

600
00:34:38,400 --> 00:34:41,699
is better for my customers is 
making me have happier. 

601
00:34:41,699 --> 00:34:43,699
Customers stick your customers 
and things like that. 

602
00:34:43,699 --> 00:34:48,300
So a lot more Focus out from 
decision-makers on the top line 

603
00:34:48,300 --> 00:34:51,400
benefits. 
In addition, To the bottom line 

604
00:34:51,500 --> 00:34:54,000
across the widest. 
Yeah, I really like that idea. 

605
00:34:54,000 --> 00:34:59,200
So you have my stamp of approval
on the powered by Fido logo or 

606
00:34:59,200 --> 00:35:04,000
bad, just kind of like the Intel
inside, but I wanted to go back 

607
00:35:04,000 --> 00:35:09,100
to another point that you made, 
or maybe it was you agreeing 

608
00:35:09,100 --> 00:35:12,000
with my point around the data 
breaches. 

609
00:35:12,000 --> 00:35:17,200
Because I think when, you know, 
Jeff and I were talking about 

610
00:35:17,200 --> 00:35:22,400
data breaches, you know, five 
years ago It felt more to 

611
00:35:22,400 --> 00:35:25,500
Executives like we were 
spreading fear and uncertainty 

612
00:35:25,500 --> 00:35:30,100
and doubt and I just I feel like
we've come a long way since then

613
00:35:30,400 --> 00:35:36,000
anybody who thinks that is just 
you know, not tuned in I mean 

614
00:35:36,200 --> 00:35:39,800
the cost of a data breach, I 
think we saw a statistic 

615
00:35:39,800 --> 00:35:42,400
recently that the constitute a 
breach at least in the u.s. is 

616
00:35:42,400 --> 00:35:45,600
like over eight million dollars 
globally. 

617
00:35:45,600 --> 00:35:51,500
It's over 3 million dollars and 
that's made up Of, you know, a 

618
00:35:51,508 --> 00:35:56,700
lot of it is the companies have 
to run around and make good for 

619
00:35:56,700 --> 00:36:01,700
the fact that they fumbled 
people's data right in that they

620
00:36:01,700 --> 00:36:05,100
now maybe the victims of 
identity fraud. 

621
00:36:05,100 --> 00:36:08,700
So it's not fear, uncertainty 
and doubt and those numbers I 

622
00:36:08,700 --> 00:36:10,300
threw out there. 
Those are averages, right? 

623
00:36:10,300 --> 00:36:13,800
That includes a lot of a smaller
pieces and you get hit by a 

624
00:36:13,800 --> 00:36:18,600
really big breach, it can cost 
you much more in terms of 

625
00:36:18,800 --> 00:36:21,700
dollars as well. 
As what I think you pointed out 

626
00:36:21,700 --> 00:36:24,100
in terms of brand reputation, 
which is a little hard to 

627
00:36:24,100 --> 00:36:26,500
quantify. 
But it's not fear, uncertainty 

628
00:36:26,500 --> 00:36:30,800
and doubt, and hopefully that 
message is is getting out there.

629
00:36:32,700 --> 00:36:35,900
No, it's quite real you know. 
And in this comes back to the 

630
00:36:35,900 --> 00:36:39,000
question you asked earlier in 
Wi-Fi, do what's your Wi-Fi to 

631
00:36:39,000 --> 00:36:40,400
exist? 
And this is what we're trying to

632
00:36:40,408 --> 00:36:42,800
solve, right? 
So we were trying to solve 

633
00:36:42,800 --> 00:36:44,600
database problem. 
So, you know, we're often 

634
00:36:44,600 --> 00:36:48,300
Associated is rightly with the 
reducing Reliance on passwords. 

635
00:36:48,300 --> 00:36:51,700
But we're doing that to solve a 
data breach problem because that

636
00:36:51,700 --> 00:36:55,400
is the, you know, those are 
expensive and problematic and it

637
00:36:55,400 --> 00:36:59,600
really just erodes the Integrity
of the network economy itself 

638
00:36:59,600 --> 00:37:03,400
and that's not good for anybody.
Yeah, I think from a strategy 

639
00:37:03,400 --> 00:37:07,100
standpoint, if your insecurities
the two vectors that I would pay

640
00:37:07,100 --> 00:37:10,100
attention to and there are so 
many vectors right? 

641
00:37:10,200 --> 00:37:14,000
But the first one is the 
password and being able to get 

642
00:37:14,000 --> 00:37:16,500
rid of that and secure it in a 
better way, right? 

643
00:37:16,500 --> 00:37:19,700
Using Technologies like MFA 
which combined with Fido make it

644
00:37:19,700 --> 00:37:23,500
easier to use and then being 
able to mitigate against 

645
00:37:23,500 --> 00:37:26,600
ransomware attacks and the news 
today is Canon, got hit by a 

646
00:37:26,607 --> 00:37:29,800
ransomware jacket. 
So, you know, and that's, that's

647
00:37:29,800 --> 00:37:32,100
a pretty big one, right? 
And they're not sure if images. 

648
00:37:32,300 --> 00:37:34,700
Stolen. 
So that's adds another wrinkle 

649
00:37:34,700 --> 00:37:39,900
to it. 
So having the appropriate stance

650
00:37:39,900 --> 00:37:42,700
toward security, not only making
it available, making it easy to 

651
00:37:42,700 --> 00:37:44,800
use. 
I think is critically important 

652
00:37:44,800 --> 00:37:48,800
to the adoption and improving 
security as a whole because what

653
00:37:48,800 --> 00:37:51,500
you don't want to have is and 
you spend a bunch of money on 

654
00:37:51,500 --> 00:37:54,100
and getting something in place. 
And if it's unusable, no one's 

655
00:37:54,100 --> 00:37:56,200
going to use it, you know, 
what's the point? 

656
00:37:56,200 --> 00:37:57,000
Yeah. 
Right. 

657
00:37:57,100 --> 00:38:00,800
They're just going to find ways 
around it so, so I think I love 

658
00:38:00,800 --> 00:38:04,000
what's happening. 
If I do Oh, and I hope and pray 

659
00:38:04,000 --> 00:38:07,200
that, you know, other 
organizations will start to kind

660
00:38:07,200 --> 00:38:11,600
of see the light and consider 
security as a end-user 

661
00:38:11,600 --> 00:38:16,200
experience as much as possible. 
And by that, I mean taken to the

662
00:38:16,200 --> 00:38:18,400
fact that usability of it. 
So I think it's I think it's 

663
00:38:18,400 --> 00:38:21,600
super important you know, on 
those lines. 

664
00:38:21,600 --> 00:38:24,700
But you know, I think the 
changing that, you know, with 

665
00:38:24,700 --> 00:38:27,300
with covid and everything. 
You know, this remote Workforce 

666
00:38:29,000 --> 00:38:31,000
Your employees are not your 
consumers to, right? 

667
00:38:31,000 --> 00:38:32,600
So you even an Enterprise, you 
think, what? 

668
00:38:32,600 --> 00:38:35,600
How are these employees going to
log into systems securely and 

669
00:38:35,600 --> 00:38:41,000
and your people will find 
workarounds first person for 

670
00:38:41,200 --> 00:38:44,300
security, what when they can, 
you know, we're not everyone, 

671
00:38:44,300 --> 00:38:46,100
but a lot of employees will 
taste want to log in. 

672
00:38:46,100 --> 00:38:47,500
There is trying to do their job,
you know? 

673
00:38:47,500 --> 00:38:53,900
So you need to think about 
usable secure methodologies for 

674
00:38:54,100 --> 00:38:55,700
granting. 
The remote access to systems and

675
00:38:55,700 --> 00:38:57,000
that's where I think another 
area. 

676
00:38:57,700 --> 00:39:01,200
We're 50 does. 
Yeah, and this is and that and 

677
00:39:01,200 --> 00:39:03,600
that kind of stuff, right? 
Leads to things like, you know, 

678
00:39:03,607 --> 00:39:06,400
forwarding emails to a personal 
email address. 

679
00:39:06,400 --> 00:39:08,500
Well, I can't get to my baby, 
you know, regular work account 

680
00:39:08,500 --> 00:39:10,200
or it's too hard or whatever it 
is, right? 

681
00:39:10,200 --> 00:39:14,500
There's all kinds of excuses but
it's, you know, it's they're 

682
00:39:14,500 --> 00:39:16,600
solving a usability issue around
that, right? 

683
00:39:16,600 --> 00:39:19,000
If you make it easy for people 
to do their work and make it 

684
00:39:19,000 --> 00:39:22,600
secure, you start to eliminate 
some of those examples of 

685
00:39:22,600 --> 00:39:26,100
reasons why people would try to 
look for ways around the 

686
00:39:26,100 --> 00:39:29,400
security posture is it that 
people put in Place to make the 

687
00:39:29,408 --> 00:39:32,200
organization more secure, you 
know, is that I'm in favor of it

688
00:39:32,200 --> 00:39:34,700
which is which is a great thing.
And I know you mentioned that 

689
00:39:34,700 --> 00:39:37,000
white paper, we definitely will 
have a link to that in our show 

690
00:39:37,000 --> 00:39:42,000
notes I guess from a elevator 
pitch, right? 

691
00:39:42,100 --> 00:39:44,900
Why should someone read that 
white paper and what do you 

692
00:39:44,900 --> 00:39:48,200
think they'll take a take away 
out of it in 30 seconds or less?

693
00:39:48,600 --> 00:39:50,000
Well, it's really this getting 
people started. 

694
00:39:50,000 --> 00:39:53,600
I'm focusing on the Enterprise 
benefits of moving towards 

695
00:39:53,600 --> 00:39:56,700
pastoralists authentication for 
users, right? 

696
00:39:56,700 --> 00:39:58,200
So it's squarely focused on 
that. 

697
00:39:58,700 --> 00:40:03,900
It's an Enterprise paper that, 
you know, from Cicero on down, 

698
00:40:03,900 --> 00:40:06,900
in that organization can look at
it as succinctly. 

699
00:40:06,900 --> 00:40:12,300
Summarizes key considerations 
and the house and why why? 

700
00:40:12,300 --> 00:40:14,800
And how to be play Fido. 
And as I mentioned in the 

701
00:40:14,800 --> 00:40:19,200
beginning of a series that will 
get into more and more deaf, in 

702
00:40:19,200 --> 00:40:21,300
fact we'll have a blog post on 
this shortly. 

703
00:40:21,900 --> 00:40:24,200
Kind of starts to outline the 
series and of itself so people 

704
00:40:24,200 --> 00:40:27,400
can see the key steps associated
with deploying fight, own 

705
00:40:27,400 --> 00:40:32,100
Enterprise One thing, this is a 
little inwardly focused I 

706
00:40:32,107 --> 00:40:37,600
suppose, but one thing we 
realized our goal is to get 

707
00:40:37,600 --> 00:40:41,600
people to move to Fido. 
All right, we're unique in the 

708
00:40:41,607 --> 00:40:43,600
sense that we're a nonprofit 
organization working, not 

709
00:40:43,600 --> 00:40:46,100
pitching products. 
We're just trying to get people 

710
00:40:46,100 --> 00:40:50,100
to use their application but we 
have a lot of good high level 

711
00:40:50,100 --> 00:40:52,900
information on our website and 
we have some a lot of specs, you

712
00:40:52,900 --> 00:40:55,200
know, all the specs Europa and 
we have some very detailed white

713
00:40:55,200 --> 00:40:56,800
paper. 
Is what we're trying to find The

714
00:40:56,800 --> 00:40:59,700
Sweet Spot to make Final Act. 
Well for practitioners. 

715
00:40:59,700 --> 00:41:03,000
So I think this series of papers
will really be helpful though. 

716
00:41:03,000 --> 00:41:07,500
I'll be around five pages. 
Each very actionable in lawsuit 

717
00:41:07,500 --> 00:41:11,300
formation so I think that's what
this paper signals and is a good

718
00:41:11,300 --> 00:41:15,600
starting points again so I'd 
like to beat a dead horse here 

719
00:41:15,600 --> 00:41:18,300
we because I think everybody 
probably agrees that the 

720
00:41:18,300 --> 00:41:23,000
passwords are not a good enough 
control but just as a 

721
00:41:23,000 --> 00:41:27,600
practitioner myself I think to 
myself I'm relying on passwords 

722
00:41:27,700 --> 00:41:30,300
that can be pretty. 
Be sure those passwords have 

723
00:41:30,300 --> 00:41:32,800
already been hacked for a large 
number of users. 

724
00:41:33,100 --> 00:41:37,400
I had to sign up for a little 
league website the other day and

725
00:41:37,400 --> 00:41:39,500
create an account with a 
password. 

726
00:41:39,700 --> 00:41:43,200
I thought there's no way through
enough technology on the back 

727
00:41:43,200 --> 00:41:47,400
end of this little league 
website to secure my password, 

728
00:41:47,400 --> 00:41:49,000
remove, picking on Little 
League. 

729
00:41:49,100 --> 00:41:53,400
I'm picking on all the hundreds 
of websites that we use every 

730
00:41:53,500 --> 00:41:57,500
couple of years to create 
accounts and whether or not, you

731
00:41:57,500 --> 00:42:01,000
know, those of us The I am 
industry, use a password Locker,

732
00:42:01,300 --> 00:42:03,900
that's fine. 
The average average Joe on the 

733
00:42:03,908 --> 00:42:08,800
street doesn't and that's why 
you can be pretty sure that if 

734
00:42:08,800 --> 00:42:12,700
you're, if you have a system 
that relies on, you know, email 

735
00:42:12,700 --> 00:42:18,800
address and password age, going 
to get compromised Yeah, 

736
00:42:18,800 --> 00:42:22,300
absolutely. 
Set up before password is not 

737
00:42:22,300 --> 00:42:25,600
modern authentication. 
So that's all you're offering 

738
00:42:25,600 --> 00:42:28,900
your way behind already. 
Okay. 

739
00:42:29,000 --> 00:42:31,500
So I think, you know, I'm 
looking forward to the next 

740
00:42:31,500 --> 00:42:33,800
series of the papers and we'll 
put a link to the final Alliance

741
00:42:33,800 --> 00:42:36,100
website as part of the show 
notes Here. 

742
00:42:36,400 --> 00:42:38,600
I like that. 
The, the one you just put out it

743
00:42:38,600 --> 00:42:42,300
is definitely an easy read and I
think it's a good way for people

744
00:42:42,300 --> 00:42:45,700
to start to think about how to 
position the cell within your 

745
00:42:45,700 --> 00:42:48,700
organization of why we should 
start to move towards that 

746
00:42:48,700 --> 00:42:51,100
direction. 
So, if You're interested in 

747
00:42:51,100 --> 00:42:53,500
getting started with Fido or 
learning more about. 

748
00:42:53,500 --> 00:42:55,600
I think that's I think you've 
hit it right on the nail and I 

749
00:42:55,600 --> 00:42:58,200
had with that with that paper so
definitely check that out. 

750
00:42:58,200 --> 00:43:00,900
On the fight Owens website and 
also in the show notes that will

751
00:43:00,900 --> 00:43:03,000
have here which will have a 
direct link to it. 

752
00:43:04,000 --> 00:43:06,800
Andrew certainly, appreciate 
your time and I know you're a 

753
00:43:06,800 --> 00:43:10,400
busy guy. 
Any last words of wisdom that 

754
00:43:10,400 --> 00:43:12,500
you want to throw out there for 
the folks who are listening? 

755
00:43:13,500 --> 00:43:16,000
I think we hit on all the key 
points, and I hope people, you 

756
00:43:16,000 --> 00:43:20,100
know, enjoy enjoy listening to 
us today and, and take something

757
00:43:20,100 --> 00:43:22,400
away from this. 
Look for that paper. 

758
00:43:22,400 --> 00:43:27,000
One other thing that we're 
doing, we have an industry 

759
00:43:27,000 --> 00:43:29,900
conference that we were going to
launch us here in person. 

760
00:43:29,900 --> 00:43:31,800
We're going to be virtually 
virtually instead called 

761
00:43:31,800 --> 00:43:35,200
authenticate. 
So this was going to be a 

762
00:43:35,200 --> 00:43:37,900
two-day conference focused on 
all the ins and outs of 

763
00:43:38,000 --> 00:43:41,200
authentication, not just Fido 
authentication best practices. 

764
00:43:41,200 --> 00:43:45,100
You know, we had maybe a dozen 
cases, Studies plans, some kind 

765
00:43:45,100 --> 00:43:47,300
of case study track its 
technical track, the standards 

766
00:43:47,300 --> 00:43:52,400
track, all that's being rolled 
up into a virtual event so you 

767
00:43:52,400 --> 00:43:55,200
can find information on that on 
our website, but also on 

768
00:43:55,200 --> 00:44:00,100
authenticate conduct Cam, that 
is going to be taking place in 

769
00:44:00,100 --> 00:44:02,500
the middle of November. 
I strongly encourage people to 

770
00:44:03,000 --> 00:44:05,400
sign up to attend that if they 
want to learn more as well and 

771
00:44:05,400 --> 00:44:07,900
that's going to be free free to 
attend. 

772
00:44:09,000 --> 00:44:12,100
Great content was submitted for 
this paper, just a little 

773
00:44:12,100 --> 00:44:13,400
anecdote on authenticate. 
Eight. 

774
00:44:14,200 --> 00:44:16,200
We thought we're gonna have a 
hard time pulling together. 

775
00:44:16,200 --> 00:44:21,000
The agenda we had around six 
times as many papers submitted 

776
00:44:21,000 --> 00:44:24,200
as we had agenda slots, which 
may be super exciting because 

777
00:44:24,200 --> 00:44:26,800
they help us put together 
awesome set of content. 

778
00:44:27,100 --> 00:44:30,700
But also it shows that this is 
really gaining Traction in the 

779
00:44:30,707 --> 00:44:32,900
marketplace. 
We had submissions from all 

780
00:44:32,900 --> 00:44:35,500
corners of the world talking 
about different implementations 

781
00:44:35,500 --> 00:44:38,000
applications of Fido. 
So all that's being brought 

782
00:44:38,000 --> 00:44:40,200
forward into this event. 
I strongly encourage people to 

783
00:44:41,000 --> 00:44:42,200
to make sure to sign up to 
attend. 

784
00:44:43,500 --> 00:44:45,100
That's great. 
Yeah, I'll definitely put a link

785
00:44:45,100 --> 00:44:50,500
to that it's for the website its
aesthetic aesthetic. 8 con.com 

786
00:44:50,500 --> 00:44:52,800
and I'll have a link in the show
notes as well and I think that's

787
00:44:52,800 --> 00:44:54,800
fantastic, isn't it, free? 
I think we saw a lot of good 

788
00:44:54,800 --> 00:44:59,000
uptake with identifiers, for 
example, which I believe wrapped

789
00:44:59,000 --> 00:45:01,100
up last week or maybe it's 
wrapping up this week. 

790
00:45:01,500 --> 00:45:03,400
It's weird because it's 
stretched out over several 

791
00:45:03,400 --> 00:45:06,200
weeks, right? 
But yeah, I'm definitely going 

792
00:45:06,200 --> 00:45:08,200
to be registering for that and 
looking forward to it. 

793
00:45:08,200 --> 00:45:11,600
So so great deal Jim. 
Anything else that you want to 

794
00:45:11,600 --> 00:45:13,600
close out with before we answer 
Ergo. 

795
00:45:13,600 --> 00:45:16,000
No, I just wanted to sit and 
drove really appreciate your 

796
00:45:16,000 --> 00:45:21,100
time and knows the CEO of 500 
that you are extremely busy 

797
00:45:21,100 --> 00:45:26,500
person and just appreciate you 
taking the time to educate our 

798
00:45:26,500 --> 00:45:28,900
listeners. 
Thank you for having me. 

799
00:45:28,900 --> 00:45:30,500
How many people you could be 
talking to you? 

800
00:45:30,508 --> 00:45:33,400
And I appreciate it and, you 
know, our goal is to get the 

801
00:45:33,400 --> 00:45:37,400
word out and get people engaged 
and thank you for this 

802
00:45:37,400 --> 00:45:39,800
opportunity. 
Great. 

803
00:45:39,800 --> 00:45:42,400
Preciate it Andrew. 
And with that we're going to go 

804
00:45:42,400 --> 00:45:44,000
ahead and close it out for this 
week. 

805
00:45:44,500 --> 00:45:48,500
Don't forget you can follow us 
on Twitter at idac podcasts and 

806
00:45:48,500 --> 00:45:52,100
you can check us out on the web 
at identity at the center.com. 

807
00:45:52,700 --> 00:45:54,200
We're in your favorite podcast 
app. 

808
00:45:54,200 --> 00:45:57,600
So feel free to subscribe. 
Follow like whatever the thing 

809
00:45:57,600 --> 00:46:01,300
is that your podcast app. 
Does that helps us immensely and

810
00:46:01,400 --> 00:46:03,900
helps us get great guests like 
Andrew in the future. 

811
00:46:03,900 --> 00:46:07,300
So with that, we'll go ahead and
close it out for this week and 

812
00:46:07,500 --> 00:46:09,200
we'll be talking with you all in
the next one. 

813
00:46:09,300 --> 00:46:19,700
Thanks for listening. 
You've been listening to the 

814
00:46:19,700 --> 00:46:23,300
identity of the center podcast 
for more episodes of visit 

815
00:46:23,300 --> 00:46:24,800
identity at the center.com.
