FIDO Alliance forms European working group
The FIDO Alliance has launched a FIDO Europe Working Group to accelerate the use of FIDO authentication standards in Europe.
The launch of the Working Group comes at a time when financial services firms, telecommunications companies and the broader ecosystem are working towards balancing new regulations with rapidly changing customer expectations.
FIDO authentication reduces organizations’ and users’ dependence on passwords by providing interoperable, cryptographic, on-device authentication that is more secure and easier to use than passwords and one-time passcodes.
At launch, 12 FIDO Alliance member companies active in the European market are participating in the new FIDO Europe Working Group, including Cartes Bancaires, Daon, Federal Office for Information Security (German BSI), Gemalto SA, Infineon, ING Group, Nok Nok Labs, Oesterreichische Staatsdruckerei (Austrian State Printing House), TRUXTUN Capital SA, Vasco Data Security, Inc., Verizon Innovation LLC, Yubico.
“The FIDO Europe Working Group was created to address the growing market demands for better authentication, which is driven largely by the changing regulatory landscape in the region,” said Brett McDowell, executive director of the FIDO Alliance. “Leading companies have to grapple with new compliance requirements while ensuring they keep pace in a global market by offering convenient customer experiences. This Working Group will be instrumental in raising local awareness of how FIDO standards can help facilitate compliance.”
The new Working Group is chaired by Alain Martin, VP of strategic partnerships at Gemalto, and Matthieu Nunnink, enterprise security architect at ING.
The group will facilitate communication and collaboration efforts within the European market to raise awareness and deployment of FIDO solutions aligned to regulatory requirements from the relevant European agencies.
In addition, the group will work closely with policy makers and industry stakeholders to coordinate communications, publish informational assets, and deliver educational events to local markets across Europe.
In regards to its charter, the group will focus on the Payment Services Directive (PSD2), Electronic Identification and Trust Services Regulation (eIDAS), and the General Data Protection Regulation (GDPR) requirements, as well as the role of FIDO authentication in products and services subject to those regulations.
“Without standardisation, implementation of strong customer authentication in Europe will result in fragmented solutions, leading to higher costs and poor customer experience,” said Alain Martin, co-chair of the FIDO Europe Working Group. “The FIDO standards propose a set of user convenient authentication methods that are aligned with the new regulations and will simplify deployment”.
For example, the implementation of the revised PSD2 enforcing Strong Customer Authentication practices across Europe will soon become a requirement for financial services organizations to secure access to bank accounts for information aggregation or payment initiation.
FIDO standards can address the European Banking Authority’s Regulatory Technical Standards (RTS) by proposing fully defined specifications, in adherence with the requirements of the RTS.
The Alliance’s standardization efforts, complemented with a multi-layered security certification program, provides banks and service providers a choice of interoperable authenticators in multiple form factors and for several operating environments.
FIDO has already approached the EBA regarding the PSD2 topic, including FIDO Alliance Letter Regarding Payment Services Directive 2, FIDO & PSD2: Meeting the needs for Strong Consumer Authentication, and a response to the European Banking Authority (EBA) Discussion Paper on Future Draft Regulatory Technical Standards on Strong Customer Authentication and Secure Communication Under the Revised Payment Services Directive (PSD2).
FIDO standards are aimed at overcoming the usability challenges of older, first-generation authentication solutions.
FIDO Certified solutions are experiencing increased adoption in payments, enterprise and mobile scenarios, as FIDO authentication are being deployed worldwide by leading service providers such as Google, Facebook, PayPal, and NTT DOCOMO.
Last month, the FIDO Alliance announced the latest round of companies to complete FIDO certification, bringing the total number of the organization’s certified products to 383.