FIDO Highlights WebAuthn and the Regulatory Environment in Authenticate Day 4 Recap

The FIDO Alliance is recapping some of the highlights from day four of its inaugural Authenticate event. The day’s virtual programming placed a particularly strong emphasis on the Alliance’s Biometric Component Certification program, and on updates to the W3C Web Authentication (WebAuthn) specification.

It also explained how FIDO authentication can help organizations navigate the current regulatory environment. Venable LLP Technology Business Strategy Managing Director Jeremy Grant addressed that subject in a session titled “What Regulators Want”, explaining that FIDO standards have become increasingly popular with governments that want to protect their own infrastructure while making sure that their citizens have access to secure services.

Some of the day’s panel discussions expanded on that theme, pointing out that GDPR does not provide any direction with regards to strong customer authentication. Many of the speakers described that as an oversight, and advised organizations to adopt strong authentication practices. Doing so will make it easier to protect people’s right to privacy, especially as governments pass laws that force businesses to be transparent about their use of people’s personal data.

In the afternoon, Google Software Engineer Jeff Hodges explained that the second version of WebAuthn will address some of the bugs that were present in the original. He argued that the specification is important because it supports FIDO2 and helps replace passwords with more reliable forms of authentication.

After that, Yubico Senior Architect for Standards John Bradley explained how WebAuthn’s new Large Blob Storage extension will enable web-based FIDO SSH sessions with encrypted arbitrary data storage. Finally, Auth0 Principal Architect Vittorio Bertocci argued that organizations should implement WebAuthn in stages, and that they should see the benefits of doing so at every step of the process.

“The adoption of WebAuthn is a journey and the standardization was a huge step, but now, we’ve got to roll up our sleeves and help the industry to adopt it,” concluded Bertocci.

WebAuthn became an official web standard in March of 2019.

Sponsored Links

FaceTec’s patented, industry-leading 3D Face Authentication software anchors digital identity, creating a chain of trust from user onboarding to ongoing authentication on all modern smart devices and webcams. FaceTec’s 3D FaceMaps™ make trusted, remote identity verification finally possible. As the only technology backed by a persistent spoof bounty program and NIST/iBeta Certified Liveness Detection, FaceTec is the global standard for Liveness and 3D Face Matching with millions of users on six continents in financial services, border security, transportation, blockchain, e-voting, social networks, online dating and more. www.facetec.com

FACEPHI is a global leader in Facial Recognition technology and in Mobile Biometrics technologies. With a strong concentration in the financial sector, FacePhi’s product is rapidly becoming a service used by banks all over the world. Its implementation doesn’t just save money, it is also a way to attract clients and build loyalty, while increasing the security of transactions for both the customer and the business. To learn more about FacePhi, visit https://www.facephi.com/en/

Related News & Articles

Footer

Follow Us