KDDI recently deployed FIDO in Japan. We sat down for an interview with Yamada Yasuhisa, Executive Officer at KDDI to find out more about the KDDI deployment.
Can you tell us about KDDI?
KDDI is a telecommunication service provider in Japan, offering both mobile and fixed-line communications. KDDI has a well-established base of over 40 million customers and offers mobile services and shopping through its “au” brand. KDDI is also expanding its services into the “Life Design” business, which includes e-commerce, fintech, nationwide electric power utility services, entertainment and education. With a 60-year history, KDDI is now focusing on creating smart infrastructure through IoT technologies and open innovation with partners and start-up companies in diverse industries. KDDI is accelerating the global growth of its telecommunications consumer business, with operations in Myanmar and Mongolia, and in the global ICT business with the “TELEHOUSE” brand. KDDI (TYO:9433) is listed on the Tokyo stock exchange.
How are you using FIDO?
Today we are using FIDO authentication in a few different areas. The first, just launched on April 14, 2020, is our “au ID” platform, which is our service for our users to identify themselves and access our services; we have a huge number of active users. FIDO is one of the authentication methods available for “au ID.” We offer FIDO on web browsers and Android initially, and plan to support iOS in the future.
The other area where we offer FIDO is our Software-as-a-Service (SaaS) solution. This solution enables online service providers to deploy FIDO2 easily. As a network operator, we have experiences and the FIDO solution we offer is no exception.
It’s important that we can support online service providers along their customers’ entire authentication journey: onboarding, authentication and account recovery. So, we also offer customer identification services to fit in with our FIDO offering. There’s a gap in the customer journey with FIDO, which is account recovery. How do you recover your account if you lose your FIDO authenticator? We aim to fill this gap by providing identity verification of our large customer base. Thus, we’re supporting online service providers along the entire customer journey.
What specification(s) did you implement?
We implemented a FIDO2 server with biometric authentication.
Why did you choose FIDO standards? What were the challenges you were trying to overcome?
There are several reasons why we chose FIDO. The first is security; FIDO is the best way to counter phishing attacks. The second is user experience; biometric authentication is much easier than passwords. The third is interoperability. With other approaches, developers have to implement authentication logic for each platform – iOS, Android and web. We wanted to design a “write once, work everywhere” system. FIDO helped us achieve that goal.
Why did you choose FIDO authentication over other options?
For us, the most important thing about adopting FIDO was that it was a web (W3C) standard. Again, this helped us to achieve our goal of “write once, work everywhere.”
What steps were involved in your roll out of FIDO authentication? Did you work with a partner?
We developed and implemented FIDO authenticator and server from scratch. We worked closely with the FIDO Japan Working Group through the development; I would like to thank them for their support. It was very exciting to work with them.
What role do you see FIDO authentication playing for your company in the future?
We believe that FIDO will accelerate our identity business even further. It will also enhance the security of our internal systems.
What advice would you give to other organizations considering rolling out FIDO authentication?
Talk to other stakeholders; companies, such as KDDI, are offering turnkey solutions!
Thank you for talking with us! Where can we learn more about KDDI?
You can find KDDI on the web at http://www.kddi.com/english/.
