FB pixel

FIDO Alliance talks passkeys in the public sector with Biometric Update

Watch the webinar on-demand
FIDO Alliance talks passkeys in the public sector with Biometric Update
 

Passkeys are swiftly gaining popularity with more organizations and governments embracing the passwordless authentication method. Behind the creation of passkey standards is the FIDO Alliance which spoke about their proliferation in the public sector and the fight against threats such as generative AI at a recent Biometric Update webinar moderated by contributing editor Joel R. McConvey.

The FIDO Alliance has made it its goal to create open and free authentication standards to help reduce the world’s reliance on passwords. To achieve this, the industry association needed a scalable solution that is phishing-resistant and meets the requirements for multi-factor authentication. The game changer, however, was the user experience – an easier way to sign in, says Megan Shamas, FIDO Alliance chief marketing officer. 

“We have 30 to 40 UX experts from major companies all over the globe that are working on this, but we also do research with real consumers, real citizens around these experiences and what resonates and what doesn’t,” she says.

Today, government agencies are actively promoting passkeys while the U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) and other regulatory bodies are starting to introduce guidance for the technology. NIST’s entry into passkeys was prompted by questions from government agencies on their safety, says Jeremy Grant, managing director of technology and business strategy at Venable LLP law firm.

“For something that was only really launched in earnest as a name about two years ago, it’s been a really rapid adoption and recognition,” says Grant, who has been serving as an advisor to governments across the globe.

One example is the U.S. State of Michigan government services portal MiLogin which supports access to more than 360 applications and services spread across 18 different agencies. Since the introduction of passkeys, the platform has been averaging about 18,000 new enrollments a month while login abandonment has dropped by 73 percent over the last year.

“[This is] an amazing number when you think about it, and I think we’ve seen this with a lot of private sector partners as well,” he says.

Governments are looking into passkeys because of increasingly sophisticated and successful phishing attacks helped by social engineering.

“It’s no longer an email from the prince in Nigeria, these are very well honed in on attacks,” says FIDO Alliance’s Shamas. “What passkeys do is take the burden off of the user to have to identify those sorts of attacks, because path keys simply cannot be given away to a nefarious person.”

The development of passkeys is also boosted by the embrace of companies such as Mastercard, Apple, Google, Microsoft and X

“Generative AI can spoof a lot of biometrics but it cannot spoof public key cryptography”, says Grant. “Whether it’s passkeys or other solutions that are rooted in public key cryptography, I think it’s going to become more important in the years to come as a deterministic factor: Are you actually in possession of a key to prove you’re a human or a particular human.”

The FIDO Alliance released a white paper this week describing the benefits of the passkeys and how organizations could embrace them to improve their security. The technology, however, also comes with drawbacks, including passkeys being tied to devices or supporting only certain devices and operating systems, a fragmented vendor ecosystem and outdated enterprise security policies. Most importantly, passkeys can still be hacked, market intelligence firm IDC highlights in a recent report.

Still, Grant believes that by the end of 2026, passkeys will become the predominant way people will authenticate themselves while signing up for new accounts online or accessing public-facing services in both government and industry. 

Watch the webinar replay on-demand

Passkeys in the public sector: in-depth with the FIDO Alliance

Related Posts

Article Topics

 |   |   |   |   |   | 

Latest Biometrics News

 

Biometrics firms pitch privacy in age assurance ahead of US court battle

The U.S. is facing its first constitutional debate connected with age verification in 20 years: The Supreme Court will have…

 

Permira finalizes $1.3B majority stake acquisition of BioCatch

Permira Growth Opportunities has completed the acquisition of a majority position in behavioral biometrics and fraud prevention business BioCatch, four…

 

ATO attacks surge in Q2 2024, Sift warns of growing ‘Fraud-as-a-Service’ threat

A recent report highlights the growing threat of account takeover (ATO) attacks, which surged by 24 percent in the second…

 

EU AI pact sets new standards for ethical AI use across Europe

By Tony Porter, Chief Privacy Officer at Corsight AI The European Union’s AI Pact marks a crucial step towards forming…

 

Deepfake detection challenge, integration to protect content integrity unveiled

A new deepfake detection competition has been announced with the intention of advancing “next-generation deepfake detection and localization systems” development….

 

Utah judge blocks age verification requirement for social media

A federal judge in Utah has ruled in favor of tech lobby group NetChoice and against the state’s new law…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Read This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events