A consortium of e-commerce technology and service providers are redefining SSO, morphing it from “Single Sign On” to stand for “Simple Sign On.” It’s all in the interest of promoting secure communications, based on high levels of confidence that an individual with whom you are carrying out business is, indeed, who he or she claims to be. The FIDO Alliance– standing for “Fast ID Online” – is its name. Promoting a standards-based, open protocol for online authentication is its game.
Today, individuals use a wide variety of devices – including desktop PCs, mobile phones, smartphones, tablets and, soon, Phablets – to carry out search, shopping, e-commerce and banking. As they progress from the casual to the crucial, they require different levels of safeguards to their privacy and security. With the growth of electronic commerce, in general, and mobile commerce, specifically, the need for strong authentication is growing. The traditional methods – meaning PINs, passwords and challenge questions – are relatively weak and decidedly cumbersome for the average person.
FIDO Alliance members are well acquainted with the demands associated with establishing a standard to support electronic transactions and commerce. Its founding member organizations are Agnitio, Infineon Technologies, Lenovo, Nok Nok Labs, PayPal, and Validity. They are developing the overall specification, as well as FIDO-compliant products. In the name of fraud reduction, they have built a set of standards and an architecture that embraces biometrics including fingerprint, voice and facial recognition; plus existing existing authentication solutions and communications standards, such as Trusted Platform Modules (TPM), USB Security Tokens, Near Field Communication (NFC), One Time Passwords (OTP) and many other existing and future technology options. If it’s what you got, it will be accommodated.
Today’s announcement heralds the maturity of two sets of initiatives by the FIDO Alliance. Its Technical Working Group was chartered in the fourth quarter of 2012 and is very far along int providing a set of “open” standards for an architecture that has been released as part of this launch. At the core of their value proposition is to remove the friction for people to carry out commerce at high levels of trust, using a multiplicity of devices over a wide variety of communications networks. It is accomplished by allowing them to “choose their own token” to authenticate themselves.
That’s the crux of Simple Sign On and it starts with standards for authentication that are compatible with and interoperate with all devices today and in years to come. Opus Research welcomes and supports the initiative and is particularly pleased that voice biometrics – thanks to Agnitio’s participation as a founding member – is given full recognition in the initial alliance.
Categories: Articles