FIDO passwordless authentication on the rise with VinCSS certification, adoption growth
Pham Trung Anh, head of products at cybersecurity firm VinCSS, has become the first person in Vietnam to achieve the FIDO Alliance Certified Professional status, reports ICT Vietnam.
The certification assesses the ability of identity and authentication experts to help firms “deploy and integrate FIDO standards by analyzing business requirements and proposing a FIDO architecture that ensures secure authentication processes.”
In order to achieve the qualification, Pham had to tick several boxes for experience, including the analysis of business requirements for FIDO2 products, testing and validation of design and technical requirements for the same, and recognized efforts in raising awareness about authentication.
According to Pham (as quoted by ICT Vietnam), his certification is a testament to the fact that Vietnam has mastered FIDO2 technologies and is on the verge of becoming a development center for authentication in Asia and globally.
“More and more ‘made-in Vietnam’ products and services with high competitiveness will now appear on the technology map in general, and in the field of global identification and authentication in particular,” Pham says.
The FIDO certification comes three months after VinCSS launched a new platform for onboarding Internet of Things (IoT) devices based on the Alliance’s standard.
APAC set to lead FIDO adoption efforts by 2031
The growth of VinCSS is indicative of a broader development in the adoption of FIDO authentication and biometrics in the Asia Pacific (APAC) region.
These claims are confirmed by a new Future Market Insights report, which suggests that APAC countries will take over North America as the largest market share in FIDO authentication services and solutions by 2033.
This shift will be led by China, and Japan, with the FJWG (FIDO Japan Working Group), increasingly working to address the growing inclination toward FIDO authentication in the region, particularly from stakeholders.
India will also be part of this upward trend. The country is expected to achieve a compound annual growth rate (CAGR) of 33 percent in the FIDO authentication market, mainly thanks to digital certificates and public key infrastructure (PKI) technologies used to verify online transactions.
Beyond APAC, North America is still set to remain a large market for FIDO biometrics adoption, with the U.S. expected to account for 82 percent of the North American market share in the forecast period.
Globally, the FIDO authentication market stood at $849.6 million in 2020 and is expected to reach $8 billion by 2031 at a CAGR of 22.8 percent between 2021 and 2031.
Using FIDO2 to improve MFA security
Tony Lauro the director of security technology & strategy at cloud computing platform Akamai, recently wrote about increasing the security of multi-factor authentication (MFA) solutions with FIDO2 authentication.
The blog post, published on DarkReading, mentions data breaches that affected Okta, Uber, and Cisco last year and how MFA proved insufficient to keep data safe.
“Bypassing existing MFA techniques to garner employee credentials or to take over employee accounts has become child’s play for attackers,” Lauro writes. “Techniques range from simple phishing to push bombing […] to more complex SS7 communications protocol exploits to obtain texted MFA codes.”
According to the executive, FIDO2 can significantly improve MFA security thanks to its two components: WebAuthn (developed by W3C) and CTAP (created by the FIDO Alliance).
“Authentication methods based on FIDO2 are the closest thing there is to a ‘phish-proof’ solution, and the security community has taken note,” reads the DarkReading article. “As it becomes more widely recognized, expect to see FIDO2 as a recommended or even required standard for online interactions/transactions where critical data must be protected.”
MFA bypass attacks and how FIDO2 can help block them were discussed in a keynote at the FIDO Alliance’s Cybersecurity Policy Forum earlier this year.
APAC | biometric authentication | biometrics | certification | FIDO Alliance | FIDO2 | multi-factor authentication | Vietnam | VinCSS