Interview: Nok Nok Labs
17 March 2020 16:28 GMT

Nok Nok Labs, a developer of passwordless authentication, last month announced a record year following broad industry acceptance of FIDO standards, noting that this was evidenced by the news that Apple had not only become a member of the FIDO Alliance but has taken a leadership role as a board member. 

Planet Biometrics took time out to speak to Rolf Lindemann, VP of Products at Nok Nok Labs, about these developments. 

How important is Apple’s membership for the FIDO movement?

Currently, there is full FIDO support in three major platforms: Google Android and Chrome, Microsoft Windows and Edge, and Mozilla Firefox. Even though the Nok Nok S3 Suite already supports passwordless authentication for mobile Apps on iOS and on Apple Watch Apps, some organizations have been hesitant to deploy FIDO because there was no public commitment from Apple to FIDO - besides implementing FIDO CTAP and WebAuthn in Safari. Now with the addition of Apple, all major platform vendors in the FIDO Alliance serve to prove that the world is finally ready for this technology.

As far as why a FIDO membership is important, it means that companies like Apple will get a first-hand look into where the FIDO Alliance is headed and they will be able to bring their ideas for passwordless authentication to the FIDO community. This can result in interoperable support of passwordless authentication that best fits the Apple ecosystem.

How far do you feel FIDO has come, are we near a tipping point?

We started the FIDO Alliance with 6 founding members and weren’t sure whether platforms would be willing to implement it by default.

Now, all major platform vendors have joined the FIDO Alliance and customers can use FIDO authentication in Mobile Apps on Android, iOS, on Smart Watches and through all major Browsers.

In some markets (e.g. Japan) we already are beyond the tipping point.  In other markets we are hitting it now.

FIDO is ready to be used today.  It is more secure and more convenient than the alternatives.
 

Is the future of digital ID evolving as you thought it would?

I think we are on the right track.  We have done the heavy-lifting on writing the specifications and getting FIDO support added to the major platforms.  We have seen many large scale cloud deployments already and expect to see even more this year.

In the FIDO Alliance we have also started work on Identity Proofing and Binding as this is often the weakest link once the authentication problem is solved using FIDO - Knowledge based verification (KBV) is not as strong as FIDO authentication.  So we want to help improve the level of ID Proofing.

Additionally we track the security challenges in the IoT space. FIDO Authentication can already be used to authenticate users to devices - avoiding the shared default passwords.  In the FIDO Alliance, we are now working on additional use cases in the FIDO IoT working group.

Are governments doing enough to help movements like FIDO?

If I look back, I am really satisfied to see how many Governments are supportive of FIDO.  That level of success was not obvious when we started FIDO.  The US government (through NIST), the Chinese government (through CAICT), the German government (through the BSI), the UK government (through the Cabinet Office), the Australian government (through its Digital Transformation Office), the Korean government (through TTA), and the Thai government (through ETDA) are FIDO members. 

The FIDO Alliance has reached out to even more government bodies to provide feedback on security regulations in order to ensure that modern authentication methods beyond OTPs are not accidentally precluded.

We invite the governments to support FIDO as a convenient, strong and practical way of authentication to cloud services and IoT devices.  We are happy to provide feedback to upcoming regulations to ensure they support new technologies like FIDO.

 

Industry Events


connect:ID 17-18 Mar 21