FIDO offers guidance for the use of public services when countries implement blockchain, biometrics

Governments around the world continue to develop digital identity capabilities to give citizens easier access to public services, and the FIDO Alliance has published a white paper to help them do so in ways that are resistant to phishing. The assignment comes as a couple of alternative approaches to digital identity for public services, in Turkey and Bangladesh.

The white paper is intended to guide policy makers and managers of government agencies and departments when considering FIDO authentication for public services.

It notes that FIDO’s approach has been endorsed by the US Cybersecurity & Infrastructure Security Agency (CISA) and the Department of Homeland Security as a robust multi-factor authentication method.

The 20-page paper “FIDO for e-Government Services” notes the weak security of traditional login credentials such as usernames and passwords, but also of legacy MFA tools such as one-time passwords and push notifications.

The paper reviews the potential benefits of FIDO implementation for governments, saying that government agencies in 10 countries have already included the group’s standards in policy documents or regulations for online authentication. Several of them are presented as case studies.

The broad support for FIDO’s global standards is described, along with implementation considerations. In the latter case, the paper warns of the threat of an attack where a FIDO server is taken over and public keys are replaced, and advises businesses to consider centralizing authentication through a digital identity provider to facilitate FIDO2 adoption.

The paper also covers the building blocks of a FIDO authentication system, and usability considerations, including for people with disabilities.

Turkey goes with blockchain

Turkey is introducing a blockchain-based digital identity system for logging into a public service portal, according to an announcement by Vice President Fuat Oktay reported by Hurriyet and translated by Google.

Oktay says the e-government gateway has nearly 62 million active users in the country of about 85 million. From the portal, they can access almost 7,000 services.

The system will allow users to keep their digital identity information on their mobile phone, enabling offline as well as online use.

The VP also said that he expects various municipalities and business groups to participate in the initiative by sharing data. The system is also integrated with the State Organization Central Registration System (DETSIS).

Central biometric registry for Bangladesh gun owners

Another approach is being demonstrated by Bangladesh, which is introducing biometrics into its firearms registration system, reports The Daily Star.

The biometric register will be maintained in the Smart Firearms License Management System by the Dhaka District Administration.

Authorities can use the registry to quickly verify the legality of firearm ownership, while firearm owners can use the online system for easy license renewal.

The registration exercise has been ongoing in various areas of the country for several years. Dhaka’s registration program runs from December 19 to March 2023.

Article topics

Bangladesh | biometrics | blockchain | cyber security | digital government | digital ID | FIDO Alliance | public services | multi-factor authentication | Turkey

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *