New FIDO Europe Working Group to Focus on PSD2, GDPR, eIDAS Issues

The FIDO Alliance has launched a new Working Group aimed at the Europe market.

New FIDO Europe Working Group to Focus on PSD2, GDPR, eIDAS IssuesAt its outset, the FIDO Europe Working Group includes twelve organizations: Cartes Bancaires, Daon, Germany’s Federal Office for Information Security, Gemalto, Infineon, ING, Oesterreichische Staatsdruckerei, TRUXTUN Capital, Vasco Data Security, Verizon, Yubico, and, of course, FIDO co-founder Nok Nok Labs. The group is chaired by Gemalto Strategic Partnerships VP Alain Martin and ING Enterprise Security Architect Matthieu Nunnink.

The Working Group’s creation arrives ahead of the European Union’s implementation of new data privacy and security regulations that are likely to spur strong demand for FIDO-based authentication. As such, its charter mandates that the consortium will place a particular focus on the EU’s Payment Services Directive (PSD2), General Data Protection Regulation (GDPR), and Electronic Identification and Trust Services Regulation (eIDAS) requirements.

In a statement announcing the new FIDO Europe Working Group, co-chair Alain Martin pointed to the opportunity presented by these regulations. “Without standardisation, implementation of strong customer authentication in Europe will result in fragmented solutions, leading to higher costs and poor customer experience”, he said, adding that FIDO’s standards “are aligned with the new regulations and will simplify deployment.”

The new Working Group is the latest in what is now a series of concerted regional initiatives launched by the FIDO Alliance. It kicked things off late last year with the announcement of the FIDO Japan Working Group, which was followed this past summer with the launch of the FIDO India Working Group. In Europe, FIDO has sought to help shape the new regulatory regimes that will soon be implemented, submitting comments on strong authentication to the European Banking Authority in February of last year, and arguing against the allowance of ‘screen scraping’ in an open letter to the European Parliament and the European Commission this past September.