The U.S. government has embraced FIDO authentication, and is now looking for further guidance around how to implement this technology into the government’s existing PIV-centric ecosystem used to manage enterprise access for government employees and contractors. 

To provide this guidance, the FIDO Alliance published a paper, “FIDO Alliance Guidance for U.S. Government Agency Deployment of FIDO Authentication.”

This resource is the first output of a new committee formed by the FIDO Alliance’s Board of Directors at the request of the White House Office of Management and Budget (OMB) and Cybersecurity and Infrastructure Security Agency (CISA). The Committee, whose goal is to improve and accelerate adoption of FIDO technology within federal agencies, includes representatives from CISA, the National Institute of Standards and Technology (NIST), the General Services Administration (GSA), the Department of Defense, in addition to other FIDO Alliance members.

The Committee is aligned with the government’s efforts to modernize identity to counter threats, and encourages agencies to advance their Zero Trust Architecture journeys by implementing identity capabilities that support both FIDO and PKI-based phishing-resistant MFA. 

It also provides guidance on implementation of FIDO credentials within the federal digital identity ecosystem in order to meet immediate priorities defined in OMB 22-09, Federal Zero Trust Strategy and advance cybersecurity outcomes by enabling future phases of Federal Zero Trust Architecture efforts.

Alternative options for phishing-resistant authentication are necessary in the federal workforce, for example, for individuals who are not PIV eligible, or to quickly enable access for new employees who are waiting for their PIV to be issued, or those individuals who work remotely and don’t need access to federal facilities. 

This document highlights areas where FIDO offers the best value to address U.S. Government use cases as an enhancement of existing infrastructure, while minimizing rework as agencies advance their zero trust strategies with phishing-resistant authentication tied to enterprise identity as the foundation.

The FIDO Alliance will host a webinar, “Deploying FIDO Authentication in U.S. Government Agencies,” covering the essential information in this white paper on November 28, 2023 at 1:00 PM ET / 11:00 AM PT. To register for the webinar, click here.

To engage with the FIDO Alliance’s new committee regarding this paper, please contact feedback@fidoalliance.org.

About the FIDO Alliance
The FIDO (Fast IDentity Online) Alliance, www.fidoalliance.org, was formed in July 2012 to address the lack of interoperability among strong authentication technologies, and remedy the problems users face with creating and remembering multiple usernames and passwords. The FIDO Alliance is changing the nature of authentication with standards for simpler, stronger authentication that define an open, scalable, interoperable set of mechanisms that reduce reliance on passwords. FIDO Authentication is stronger, private, and easier to use when authenticating to online services.


More

NIST cites phishing resistance of synced passkeys in Digital Identity Guidelines update

Andrew Shikiar, FIDO Alliance Executive Director & CEO Adoption of passkeys has grown rapidly since…

Read More →

Recap: Virtual Summit: Demystifying Passkey Implementations

By: FIDO staff Passkeys hold the promise of enabling simpler, strong authentication. But first organizations,…

Read More →

EMVCo and FIDO Alliance Provide Essential Guidance on Use of FIDO with EMV 3DS

As leaders in authentication and payments spaces respectively, the FIDO Alliance and EMVCo collaborate to…

Read More →