The FIDO Alliance has issued a new FIDO Privacy White Paper to mark this year’s Data Privacy Day. The publication explains how FIDO’s protocols and specifications help to protect user privacy; as the consortium put it in a synopsis, “there is no privacy with security.”
FIDO points to recent research on data breaches indicating that 95 percent of web app hacks rely on stealing customer credentials from mobile devices—and of course those credentials are virtually all passwords. FIDO’s goal is to replace archaic password-based security systems with more advanced frameworks incorporating measures like risk-based authentication and two-factor authentication. Security systems that adhere to FIDO protocols don’t involve third parties, keep biometric data on the user’s device, require user consent for the release of data, and incorporate many other principles designed to ensure that user data is protected behind advanced authentication apparatuses.
As major IT and electronics companies pay more attention to user privacy, FIDO-style security will be increasingly popular. Indeed, the consortium continues to grow as more organizations across a range of industries and sectors join its ranks, ensuring that FIDO will become hugely influential as the Internet of Things begins to take shape. That’s bad news for hackers, and great news for users seeking security and privacy.