FB pixel

Avast pitches decentralized digital ID and FIDO integration at Authenticate 2022

Avast pitches decentralized digital ID and FIDO integration at Authenticate 2022
 

An Authenticate 2022 session Wednesday explored the open standards and cryptography behind self-sovereign identity (SSI) and how they can complement FIDO and WebAuthn to enable greater privacy and security.

In the talk, Dmitry Barinov, VP of technology and digital trust services at Avast, starts by defining SSI as an emerging approach to digital identity that puts individuals in control of their digital identity data and experiences.

Barinov then highlights the advantages of SSI and provides an overview of current SSI government and industry projects, including the European Self-Sovereign Identity Framework (ESSIF), the eIDAS (Electronic Identification, Authentication and Trust Services) regulation, and the International Air Transport Association (IATA) travel pass (developed in collaboration with Avast), among others.

Barinov describes the “SSI credential flow” and how authentication fits into this process. At a basic level, he says, authentication first involves the credential issuer, which passes a credential to the wallet (whether device, cloud or a combination) which the user sends to the relying party. Once identity has been confirmed, an identity recovery flow can also be carried out.

He highlights the difference between FIDO and distributed (or decentralized) identifiers (DIDs), saying that while the former allows an individual to prove control over a public key, the latter allows them to demonstrate control over a DID, which in turn resolves to public keys.

Further, while FIDO is used directly for authentication to the relying parties (and for transaction signing), DIDs enable individuals to prove they are the subject of verifiable credentials, which may later be used for authentication by relying parties.

Still, Barinov believes it is possible to use FIDO devices in DID authentication scenarios. OpenID Connect and WebAuthn would represent early candidates for this integration.

Avast took a dramatic step from cybersecurity into decentralized digital identity with the acquisitions of Evernym and SecureKey over the past year. The company then joined the FIDO Alliance in September.

Article Topics

 |   |   |   |   |   |   |   | 

Latest Biometrics News

 

Apple patent filing aims for reuse of digital ID without sacrificing privacy

A patent filing from Apple for ensuring a presented reusable digital ID belongs to the person holding it via selfie…

 

Publication of ISO standard sets up biometric bias tests and measurement

The international standard for measuring biometric bias, or demographic differentials, is now available for purchase and preview from the International…

 

EU’s EES delayed again, border crossings still lack equipment

The European Union has confirmed that its upcoming biometric travel scheme will be delayed following warnings from several member states…

 

Age estimation leaders emerge in NIST evaluation

The National Institute for Standards and Technology (NIST) has released its latest Face Analysis Technology Evaluation for Age Estimation &…

 

Yoti trumpets NIST age estimation results and testing plans

A new facial age estimation algorithm submitted by Yoti to the U.S. National Institute of Standards and Technology has placed…

 

Indonesia tests new digital ID system, calls on ASEAN to speed up DEFA negotiations

Indonesia is rolling out the limited release of its new digital government platform INA Digital. In this first phase, INA…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Read This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events