No content

Agenda › The History of Password › Pros and Cons › Industry Trend › Passwordless LINE 

The History of Password password ? The ancient Roman military, more than 2000 years ago password ? The beginning of modern password, UNIX system in the late 1960s (Multics) 

Pros & Cons of “Password” › No relation to the owner › Can be leaked to others Cons Pros › Easy to be used / implemented › No dedicated sensor or device is required Tiny hidden cameras in ATM, fake power supplier to steal password source : City Of London Police 2017 

Something You Know Something You Have Something You Are 

Pros & Cons of “Biometric” › Dedicated sensors / devices are required Cons Pros › Intuitive user experience › No need to remember or carry › Nearly impossible to copy or steal › Strong relationship to the owner › Provide high security level FAR (False Accept Ratio) Comparison Kind FAR Remark fingerprint 1 / 50,000 capacity way iris 1 / 1,000,000 IR camera based PIN 1 / 10,000 in case of 4 digit 

Industry Trend Provides biometric login feature with password disabling option ! Yahoo! Japan eBay Docomo Microsoft https://www.microsoft.com/en-us/security/ business/identity/passwordless 

email & password brute-force login attack monitored by LINE › Eliminate security hole caused by password › Intuitive user experience › No brute-force login attack allowed Motivation of LINE Passwordless LINE 

Highlights Since LINE 10.18.0 Authentication Method Biometric Authentication User’s active PIN input flow Prevent Brutal Force Attack Make Your SmartPhone As A Key PaaK Password can be disabled PaaK = Primary As A Key 

› Face, Fingerprint for iOS › Face, Fingerprint, Iris , etc for Android › Screen unlock method like pattern drawing can be used as well 1. Registration Passwordless LINE 

› Optionally, user can disable ‘email - password’ login method by turning off the switch 2. Disable password (optional) Passwordless LINE 

› To use PaaK feature, one has to pair devices › This is required only for the first time. 3. Device Pairing Passwordless LINE 

4. How it works - PaaK Login - (1/2) Passwordless LINE ᶃ Input phone number and choose `Log in` ᶄ Press `Log in` button 

Passwordless LINE 4. How it works - PaaK Login - (2/2) ᶆ Log in completes ᶅ biometric verification (face,fingerprint..) 

Passwordless LINE - Behind The Scene 1 We didn’t want users to see this alarm ! › At the first pairing stage, user is guided to input PIN code after browsing setting menu actively instead of getting push pop-up noti › No need to worry about false login attempt because abuser can’t request PIN input automatically 

We wanted to promote Passwordless login smoothly › Integrate `QR code login` and `Email & Password login` into `Other ways to login` Passwordless LINE - Behind The Scene 2 Other ways to log in Log in with em ail Back to smartphone login Back to smartphone login Back to QR code login