Governments around the world are recognizing and deploying FIDO! Clicking on the countries / regions below provides information on how government agencies have deployed FIDO certified solutions for use by employees and/or citizens in government programs (these entries are noted as “deployments”). This page also includes government agencies that have recognized and included references to FIDO standards in policy documents and/or regulations pertaining to online authentication (these entries are noted as “recognitions”). Please check back frequently as this page will be updated as new deployments and recognitions roll out.
A downloadable version that includes more details of FIDO deployments and recognitions, is available by clicking here.
Questions on this webpage? Email info@fidoalliance.org
FIDO Technology: UAF/FIDO2
Government Agency
Description:e-government services (authentication and transaction signing) for the national cyber security services and management. Involves government, city council and selected industry such as bank, telco, transport and etc.
Norwegian healthcare sector
Description:Targeting the pharmacies, and it is mainly built on Windows technology. The FIDO authenticator is used by the pharmacist to login to her account at the Windows workstation, which gives access to the proper applications and systems. This system is in production at one pharmacy group.
HelseNorge
Description:Providing mobile authentication solutions for the medical staff. In this case, FIDO is used as authentication solution using Android and Apple iOS smartphone apps. This will be tested and evaluated in a proof of concept during the rest of 2020.
Tax Service
Korea National Intelligence Service
Program:Security Requirements for Government Agencies
Description:Korea National Intelligence Service (KNIS) published its third version of Security Requirements for Government Agencies, which recommends FIDO Authentication as a strong cryptographic second factor option for end-user security.
FIDO Technology: UAF
Korea Internet Security Agency (KISA)
Program:K-FIDO Specification
Description:KISA developed what is known as the K-FIDO specification that combines the FIDO Universal Authentication Framework (UAF) specification and Public Key Infrastructure (PKI) to enable authentication and ID verification at the same time for successful commercial fintech deployments.
FIDO Technology: UAF
Ministry of Interior and Safety (MOIS)
Program:Government 24
Description:Government 24 is the official portal of the Korean government, providing e-government services to citizens. The portal was developed and is operated by the Ministry of Interior and Safety (MOIS). Support for the FIDO UAF specification was added when it launched in 2019.
FIDO Technology: UAF, FIDO2
Ministry of Interior, Ministry of Finance
Program:Taiwan Fido
Description:Taiwan FidO is a mobile authentication service deployed by Ministry of Interior. The citizen can register Taiwan FidO service with personal citizen certificate, and log in to many e-government services using the registered Taiwan FidO account.
FIDO Technology: UAF
Electronic Transactions Development Agency (ETDA)
Program:“Development and Installation of Registration System on Mobile Devices for Use as Authenticator (TOR released in August 2020)”
Description:ETDA is developing a FIDO UAF system which will provide enterprise or organizations as an reference to deploy their mobile authentication application.
FIDO Technology: FIDO2
National Health Service
Program:NHS Identity Authentication Service
Description:NHS Identity currently authenticates against around 1 million care worker identities in its repository; registered and checked to a high level of confidence several new methods of verifying the subject, such as one time passwords, push notifications, knowledge based secrets, biometric touch id, Windows Hello, cryptographic certificates, FIDO2 supported devices and OIDC Smartcards
Cabinet Office, Government Digital Service
Program:GPG 44 – Using authenticators to protect an online service
Description:The U.K.’s Government Digital Service published updated guidance, Using authenticators to protect an online service (GPG 44). Following NIST, the term ‘credential’ has been replaced with “authenticator”. Transaction monitoring is noted and “High Quality Authenticators” is defined if it has been independently tested to prove it meets industry standards, such as the Common Criteria guidelines, FIDO or FIPS 140-2.
FIDO Technology: U2F
Cabinet Office, Government Digital Service
Program:GOV.UK (https://www.gov.uk/) Verify
Description:GOV.UK (https://www.gov.uk/) Verify uses a host of identity providers, including Digidentity which supports U2F, to validate a citizen’s personal data, store that data, and verify the user is who they say they are when they attempt to access government digital services.
FIDO Technology: UAF
National Health Service
Program:NHS mobile app
Description:NHS App aims to allow the public to fulfil their healthcare needs at the touch of a button. However, a security-conscious, multi-factor authentication login process proved a major ‘speed bump’ for users. The NHS App team worked closely with NHS login, the identity verification system that enables patients to access their digital records and services, to look review potential solutions of providing password-less login for users. They wanted to go with biometric and selected FIDO UAF. They have about 1.5 million users.
Department of Digital, Culture, Media and Sport (DCMS)
Program:UK digital identity and attributes trust framework alpha
Description:DCMS is responsible for digital identity policy and strategy for the UK economy. In February 2021, DCMS published the UK digital identity and attributes trust framework alpha for organizations that want to provide or consume digital identity and attribute products and services.
