News

Authlete sponsors Identiverse 2023

Authlete will have a booth and give presentations at Identiverse 2023, held between 30th May and 2nd June 2023 in Las Vegas.


Authlete is a silver sponsor of Identiverse 2023, held between 30th May and 2nd June 2023 in Las Vegas, NV.

Now in its 14th year, Identiverse is a conference of more than 2,500 identity security professionals, offering more than 70 hours of content and networking opportunities over four days.

We will be participating on site during this 4 days event, and speaking on the following sessions. Please stop by our booth and join the sessions related to Authlete.

Authlete presents: Security Offered as Components Empowering Enterprises to Gain Control

  • Tuesday, May 30 / Bluethorn 6 / 7 pm - 7:15 pm

You often think service providers should build identity and API security infrastructure by themselves to have full control and flexibility so that it can fit into their business and technology stack. But it tends to be time consuming and costly due to lack of expertise to do so. Buying a heavy-weight solution is another considerable option, but it reluctantly leads dependency on the particular vendor of the solution, which may have redundant features and may not accommodate to customize in a cost-effective and timely manner.

In this session, we will discuss a third option to “buy and build” that can combine the best of both worlds and give you control by building from scratch, as well as minimize the time and resource by leveraging “Identity Components as a Service.

High Security and Interoperable OAuth 2.0: What’s the Latest?

  • Thursday, June 1 / Ironwood 1 / 2 pm - 2:50 pm

OAuth is a widely used authorization framework that enables third-party applications to access resources on behalf of a user. However, it has been historically difficult to meet very high security and interoperability requirements when using OAuth.

The presenters have worked much of the last five years to improve the state of OAuth and will discuss what’s happening in the field. There are challenges when trying to achieve high security and interoperability with OAuth 2: There are many potential threats, some of which were not part of the original OAuth threat model. Six years ago, the IETF OAuth working group started work on documenting security best practices document, most recently for OAuth 2.1. Meanwhile, the OpenID Foundation created FAPI1 and FAPI2 security profiles.

This presentation will help attendees understand best practices documents.We also will demonstrate how to achieve on-the-wire interoperability and security through the use of techniques like asymmetric client authentication and sender-constraining via DPoP and MTLS. Additionally, we’ll discus the benefits and potential disadvantages of each. We highlight the benefits for implementers and the role of conformance testing tools.

Open Banking: Is It Actually Benefiting Fintechs, Banks, and End Users?

  • Friday, June 2 / Ironwood 3 / 9:05 am - 9:30 am

The open banking movement worldwide is now well over 5 years old. It has undoubtedly changed the world—exceeding expectations in some areas and, though many are reluctant to say it, fallen short in others. People around the world who have never heard the term “open banking” are finding that it has enabled new and better ways to go about their lives, some of which no one had predicted.

The presenters have worked on pretty much every aspect of open banking and will share a lighthearted retrospective on usage in different countries, attempting to answer the following questions:

  • What use cases have been implemented and which use cases have succeeded in different countries?
  • What were the expectations from government, users, and fintech? And what is the reality?
  • What are the killer use cases driving open banking adoption? What are the unexpected use cases and what are the future use cases we should be excited about?
  • What should be done differently as open banking expands to more countries and to other “open” ecosystems?