WebAuthn 101 - Demystifying WebAuthn

Black Hat USA 2019

Presented by: Christiaan Brand
Date: Thursday August 08, 2019
Time: 09:00 - 09:25
Location: South Seas CDF

Five years later and we're finally at the finish line: Proposed recommendation for W3C WebAuthn. This talk will go into some detail on the use cases WebAuthn sets out solve, how we got here, what's ready for implementation today and what's coming. Any service implementing authentication should take note.

At Google I'm in the unique position to be part of the standards body, heading the team doing the implementation in platforms (Chrome, Android, CrOS) and responsible for our internal implementation so I have a pretty a unique perspective on this work.

Christiaan Brand

Christiaan Brand co-founded financial services security firm, Entersekt in 2009. He has since moved to Google where he's part of their Security and Identity teams. Christiaan is a frequent industry commentator on all areas involving cyber-crime and cyber security and co-chair of the FIDO2 technical working group inside the FIDO (Fast IDentity Online) alliance looking to standardize strong online security protocols.


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats