Lead Software Engineer for Identity, eBay
Secure and Frictionless Account Access at eBay
The identity and authentication landscape is rapidly evolving and using passwords as a primary means of authentication is no longer a reliable option. Existing solutions for better authentication are either too complex to adopt or difficult to use. FIDO as an authentication standard is trying to bridge this gap and push notifications presents us with a technology which gives user a simple and seamless access to any mobile application. In this talk, I will present eBay’s journey with building simple, easy-to-use and robust authentication framework leveraging these two technologies. We will go over the overall architecture and take a look into how this framework can be utilized not just for primary or secondary authentication but also areas beyond authentication. It will also address the challenges we faced and best practices we followed to deploy it for large scale distribution like eBay. The talk aims at simplifying the complexities around the FIDO protocol and how to leverage it in practice to achieve stronger authentication.