FIDO offers guidance for government service use as countries deploy blockchain, biometrics

Governments around the world continue to develop digital identity capabilities to give residents easier access to public services, and the FIDO Alliance has published a white paper to help them do so in phishing-resistant ways. The paper comes as a pair of alternative approaches to digital identity for government services are implemented, in Turkey and Bangladesh.

The white paper is intended to guide policymakers and the heads of government agencies and departments as they consider FIDO authentication for government services.

It notes that FIDO’s approach has been endorsed by the U.S. Cybersecurity & Infrastructure Security Agency (CISA) and Department of Homeland Security as a robust multi-factor authentication method.

The 20-page ‘FIDO for e-Government Services’ paper notes the weak security of traditional log-in credentials like usernames and passwords, but also of legacy MFA tools like one-time passwords and push notifications.

The paper reviews the potential benefits of FIDO implementation for governments, and says that government agencies in 10 countries have already included the group’s standards in policy documents or regulations for online authentication. Several from among them are presented as case studies.

The broad support for FIDO’s global standards is described, along with deployment considerations. In the latter case, the paper warns of the threat of an attack in which a FIDO server is taken over and public keys substituted, and advises enterprises to consider centralization of authentication through a digital identity provider to simplify FIDO2 adoption.

The paper also covers the building blocks for a FIDO authentication system, and usability considerations, including for people with disabilities.

Turkey goes with blockchain

Turkey is introducing a blockchain-based digital identity system for logging into a government services portal, according to an announcement by Vice President Fuat Oktay reported by Hurriyet and translated by Google.

Oktay says the e-government gateway has nearly 62 million active users in the country of approximately 85 million. From the gateway they can access nearly 7,000 services.

The system will allow users to hold their digital identity information on their mobile phones, enabling offline as well as online uses.

The VP also said that he expects various municipalities and business groups to participate in the initiative by sharing data. The system is also integrated with the State Organization Central Registration System (DETSIS).

Central biometric registry for Bangladesh gun owners

Another approach is demonstrated by Bangladesh, which is introducing biometrics into its firearms registration system, The Daily Star reports.

The biometric registry will be held in the Smart Firearms Licence Management System by the Dhaka district administration.

Authorities can use the registry to quickly verify the legality of firearms ownership, while firearms owners can use the online system for easy license renewal.

The registration exercise has been going on in various areas of the country for several years. Dhaka’s registration program runs from December 19 until March of 2023.

Article Topics

Bangladesh  |  biometrics  |  blockchain  |  cybersecurity  |  digital government  |  digital ID  |  FIDO Alliance  |  government services  |  multifactor authentication  |  Turkiye