FIDO Alliance Praises OMB’s New Federal MFA Initiative

The FIDO Alliance is applauding the new Federal Zero Trust Strategy being laid out by the US Office of Management and Budget (OMB). The OMB released the final version of the strategy on January 26, and has stated that federal agencies have until the end of 2024 to comply with the initiative.

The OMB strategy is part of a broader shift to Multi-Factor Authentication (MFA) at the federal level. President Joe Biden issued an executive order last May that gave federal agencies 180 days to implement MFA, in a move that similarly received praise from the FIDO Alliance.

The new arrangement, meanwhile, states that federal employees will need to use MFA to access any accounts that are hosted by a federal agency. That requirement will still be in place even in situations where employees cannot use Personal Identity Verification (PIV) options. The FIDO Alliance noted that FIDO security keys are a valid alternative in those situations, and that such solutions can be deployed at scale relatively quickly.

According to the Alliance, the OMB directive is designed to mitigate the threat of phishing. The OMB has stated that agencies should avoid the use of one-time passwords and other secondary authenticators that can be intercepted.

“The Federal Zero Trust Strategy provides a robust roadmap for agencies to follow to ensure best practices in creating a zero trust environment,” said FIDO Alliance Executive Director Andrew Shikiar. “The FIDO Alliance commends the Office of Management and Budget for requiring phishing-resistant authentication to protect agencies as phishing attacks become significantly more sophisticated – including the increasingly common ability to bypass legacy MFA approaches such as OTPs.”

Biden’s executive order was a response to several high-profile data breaches in the past few years. That included the SolarWinds breach and the Colonial Pipeline ransomware attack, both of which underscored the limited utility of passwords. In that regard, the FIDO Alliance has consistently advocated for the use of passwordless authentication options.

Partners

FaceTec’s patented, industry-leading 3D Face Verification and Reverification software anchors digital identity, creating a chain of trust from user onboarding to ongoing authentication on all modern smart devices and webcams. FaceTec’s 3D FaceMaps™ finally make trusted, remote identity verification possible. As the only technology backed by a persistent spoof bounty program and NIST/iBeta Certified Liveness Detection, FaceTec is the global standard for 3D Liveness and Face Matching with millions of users on six continents in financial services, border security, transportation, blockchain, e-voting, social networks, online dating and more. www.facetec.com

The Biometric Digital Identity Prism is a market landscape framework designed to help influencers and decision makers understand, innovate, and implement digital identity technologies and solutions. This innovative framework for understanding and evaluating the rapidly evolving biometric digital identity marketplace is the only market model that is truly biometric-centric based on the foundational conviction that in the age of digital transformation the only true, reliable link between humans and their digital data is biometrics. https://www.the-prism-project.com

Mobile ID World is here to bring you the latest in mobile authentication solutions and application providers. Our company is dedicated to providing users with the best content and cutting edge information on technology, news, and mobile solutions for your mobile identity management needs. https://mobileidworld.com

ID R&D combines extensive R&D capabilities with advances in AI to deliver superior biometrics and liveness detection software. Our products work across mobile, web, and telephone channels, as well as conversational interfaces, IoT devices, and embedded hardware to improve security and significantly reduce friction in the user experience. https://www.idrnd.ai

AuthenticID’s disruptive and cutting-edge, AI-driven solution quickly, accurately, and securely reproduces real-world identity verification so that companies can be assured of who they are conducting business with, strengthen underwriting, reduce the losses associated with fraud, and streamline onerous customer onboarding procedures, leading to higher conversion rates. https://www.authenticid.com/

Identity Week aims to be a significant identity industry catalyst. It’s our mission is to help accelerate the move towards a world where trusted identity solutions enable governments and commercial organisations to provide citizens, employees, customers and consumers with a multitude of opportunities to transact in a seamless, yet secure manner. All the while preventing the efforts of those intent on doing harm. https://identityweek.net/

Related News & Articles

Footer

Follow Us