Biometrics and strong authentication for financial services explored in FIDO event
Consumers have begun to understand the benefit of biometrics and stronger authentication, Javelin Strategy and Research analyst John Buzzard told an audience during the recent ‘Authenticate Virtual Summit: Modern Authentication for Financial Services’ event hosted by the FIDO Alliance.
Good thing, too, as attacks against financial services institutions have increased over the course of the pandemic, FIDO Alliance Executive Director and CMO Andrew Shikiar noted in his opening keynote, according to a summary of the virtual event on the organization’s website. Shikiar also emphasized the need to make strong multi-factor authentication (MFA) easier for organizations to use.
The event featured speakers from eBay, Financial Data Exchange, Gemini, Google, Mastercard, JP Morgan Chase, StrongKey, Trusona and Visa. Stakeholders spoke about the balance between security and user experience, among a range of authentication issues.
“We see a lot of confusion in the WebAuthn and FIDO ecosystem where people are confused between security capability, and the user experience that consumers go through when interacting with FIDO,” StrongKey CTO Arshad Noor said. “We believe that FIDO should first be viewed as a security technology, and second as a convenience technology.”
StrongKey brings FIDO2 to Android, Apple devices
StrongKey’s FIDO-certified FIDO2 Server now supports Android and Apple devices in addition to PCs, with the Preview release of its open source StrongKey Android Client Library (SACL) and support for Apple Attestation.
The expansion enables iPhones to be used as FIDO Authenticators with native iOS apps or through Safari, and enables compliance with PSD2’s strong customer authentication (SCA) requirement for ecommerce merchants on Android, including through Android biometric prompts.
StrongKey’s Tellaro open source platform provides strong authentication, encryption, tokenization, and PKI management and includes the FIDO server. The company says it provides a cost-effective alternative to solutions that charge licensing and per-transaction fees
“FIDO authentication is a simpler and more secure way to verify the identity of end users,” says Marco Conte, co-founder of Payment Universe. “Support of passwordless authentication across PCs and mobile offers a smoother payment customer experience, reducing friction and cart abandonment while complying with PSD2 SCA requirements.”