The FIDO Alliance is celebrating the growing support for its passwordless authentication protocols in Europe. In that regard, the organization called particular attention to a new report from the European Union Cybersecurity Agency (ENISA) that encouraged the use FIDO2 technologies in eID solutions for remote identity verification.
The ENISA report specifically looked at the current regulatory environment for remote identity proofing, which covers the eIDAS regulation. eID schemes can help organizations meet those standards, whether they are based on FIDO2 or on the OpenID Foundation’s OpenID platform.
With that in mind, FIDO is hoping that the report will encourage more widespread adoption of the FIDO2 standard. On that front, the organization highlighted a recent decision from the Czech Ministry of the Interior, which granted eIDAS accreditation to the country’s CZ.NIC domain registry.
The decision will increase the country’s support for FIDO2, since it will allow the mojeID identity provider to implement a FIDO2 eID scheme that meets the eIDAS High level of assurance. To achieve a High level of assurance, a provider must be using an authenticator with FIDO level 2 certification, and that authenticator must be built with a secure element that boasts either FIPS 140-2 Level 3 or Common Criteria EAL4 + AVA_VAN.5 certification.
The FIDO Alliance previously published a pair of white papers that explained how organizations can use FIDO tech to meet the incoming eIDAS regulations. The organization has since partnered with the IoT Security Foundation to teach businesses about the benefits of passwordless authentication.