“…the GAO’s report highlights authentication solutions based on FIDO standards for their capacity to offer ‘a convenient, added layer of security when used as a second factor for accessing websites or systems that would otherwise rely on a username and password for single-factor authentication.'”
The FIDO Alliance has a high-profile new supporter in the government sector: The Government Accountability Office is now urging the IRS to consider FIDO-based solutions to improve its authentication of taxpayers.
The endorsement comes via a new GAO report aptly entitled, “Identity Theft: IRS Needs to Strengthen Taxpayer Authentication Efforts.” As FIDO Alliance Executive Director Brett McDowell notes in a post on the organization’s website, the GAO’s report highlights authentication solutions based on FIDO standards for their capacity to offer “a convenient, added layer of security when used as a second factor for accessing websites or systems that would otherwise rely on a username and password for single-factor authentication.”
McDowell also points out that the GAO report recommends that the IRS implement the National Institute of Standards and Technology’s guidance for high-level digital authentication security, with which FIDO’s authentication standards comply.
It’s a welcome endorsement in the public sector after some high-profile announcements of support for FIDO in the private sector, including an official endorsement from Twitter, which recently pointed to FIDO-based U2F keys as an effective tool for users to protect their accounts. And with hacking and fraud attempts being a constant concern for the IRS, it’s an endorsement that may very well be heeded.