South Korea has eliminated a significant barrier to the usage of the FIDO protocol for passwordless authentication by confirming that it falls outside the scope of a requirement for user consent to process biometrics.

Members of the FIDO Alliance Korea Working Group (FKWG) submitted an official inquiry to the Korea Personal Information Protection Commission (KPIPC), which has responded by stating that the consent rules do not apply to biometric processes performed entirely on user-controlled devices. Since biometric data is not collected, stored or processed by the organization requesting FIDO authentication, the process does not qualify as processing personal information under the Personal Information Protection Act.


More

Google Blog: Beyond passwords: a roadmap for enhanced user security

FIDO Security Keys are easier to use and more secure than other forms of 2FA,…

Read More →

ComputerWeekly: New stolen credentials cache puts spotlight on authentication

In this ComputerWeekly story, Steven Murdoch, chief security architect at OneSpan’s Innovation Centre says FIDO…

Read More →

ITU: Time to eliminate the password: New report on next-generation authentication for digital financial services

FIDO specifications enable users to authenticate locally to their device using biometrics in a model…

Read More →


Subscribe to the FIDO newsletter

Stay Connected, Stay Engaged

Receive the latest news, events, research and implementation guidance from the FIDO Alliance. Learn about digital identity and fast, phishing-resistant authentication with passkeys.