NHS enhances app with biometric security and releases code to developers
The National Health Service in the United Kingdom has released two pieces of open source code that developers can use to add biometric security for app login, such as facial or fingerprint recognition, writes UK Authority.
“The NHS App team has open sourced code which will help those using NHS log-in as an identity and authentication provider to confirm people’s identity using fingerprint and facial recognition,” said Chris Fleming, delivery director at NHS Digital. “We received great feedback from log-in users as it sped up the process considerably for them, and we wanted others to benefit from the work. The team has released two libraries for developers.”
In May, NHS Digital discussed the importance of passwordless logins for enhanced security and faster services and introduced the concept of a new app with biometric login options. Multi-factor authentication had too many steps and was becoming a roadblock for patients using the app.
According to feedback, a simplified login method was necessary as patients felt it was too complicated to go through steps such as entering credentials, waiting for a text message and enter the one-time password to log in. As a result, NHS implemented the FIDO (Fast-Identity Online) UAF (Universal Authentication Framework) protocol from the FIDO Alliance based on public key cryptography. It defines three operations for users: registration, authentication, and deregistration.
NHS is also expected to begin accepting mobile payments with biometric authentication later this year.