Technology
FIDO2 for financial sector: Pros&Cons
Global Banking & Finance Review®
Company
In general terms, FIDO2 is a combination of a set of principles (
In general terms, FIDO2 is a combination of a set of principles (the framework), standards (WebAuthn), protocols (CTAP2), and hardware requirements.
Windows-based laptop and desktop PC manufacturers have learned to link integrated platform-based mechanisms (so-called Trusted Platform Modules (TPMs)) to FIDO2 services. The Windows Hello feature functions as an interface for interacting with a TPM module. A fingerprint or face recognition scan is used to access the authenticator built into the laptop or desktop PC.
Apple, who are, as usual, ahead of everyone else, use their own Secure Enclave, which is visible to users as TouchID and FaceID.
Android smartphones have Android Keystone and TouchID.
PayConfirm essentially offers features similar to FIDO2: reliable, cryptography-based passwordless authentication and transaction confirmation with visualisation. However, given that it is being developed for the finance sector, whereby users manage their money remotely, it accounts for an unlimited number of subtler details and additional requirements posed by security requirements, business subdivisions, lawyers, support, infrastructure, etc., while remaining even more straightforward than the FIDO2 framework.
Cryptography is the practice of securing information by transforming it into an unreadable format, which can only be reverted to a readable format by authorized users.
Passwordless authentication is a security method that allows users to access systems without traditional passwords, often using biometrics or hardware tokens instead.
Explore more articles in the Technology category
