Why do users still get hacked? In the past, it was often because of weak passwords or the absence of multi-factor authentication (MFA), and for a long time, authentication was treated mainly as a security control that sat quietly in the background of digital systems. Today, however, the real threat lies in authentication itself, which has become ground zero for attackers.

“This shift matters because authentication now plays a much bigger role in how people trust digital systems,” noted Rodney Tan, Director, Cybersecurity Engineering Centre, Cyber Security Agency of Singapore (CSA), during his keynote at the inaugural FIDO Authenticate APAC conference in Singapore.

Whether the digital system is a government service, banking platform, enterprise application, or consumer service, authentication has effectively become the front door to the digital economy, Tan observed.

“If that front door becomes weaker, confidence in the broader digital ecosystem is affected as well,” he added.

Tan then outlined three major issues affecting authentication today: first, authentication has become the primary point of attack; second, shifting the strategy towards resilience will strengthen authentication; and third, scaling stronger authentication requires local ecosystem alignment.


More

FindBiometrics: FIDO Heralds Increasing Prominence of its Standards in Mobile Sector

In this article, FindBometrics reports on how the FIDO Alliance is heralding the increasing prominence…

Read More →

FindBiometrics: FIDO Gets High-Profile Endorsements at RSA 2017

FindBiometric shares highlights on FIDO from RSA 2017, including a summary of the FIDO Alliance’s…

Read More →

InfoWorld: RSA Conference preview: The agenda can’t keep up

InfoWorld looks at the hottest long-running themes for the 2017 RSA Conference, including “security foundations”…

Read More →


Subscribe to the FIDO newsletter

Stay Connected, Stay Engaged

Receive the latest news, events, research and implementation guidance from the FIDO Alliance. Learn about digital identity and fast, phishing-resistant authentication with passkeys.