SURF is the shared IT organization for research institutes and universities in the Netherlands. The organization helps to connect over 100 different institutions across the country. 

The Challenge/ Use Case:

With lots of students and educators that need access, SURF faces multiple challenges. 

Since 2007, SURF has been developing and using a service it calls SURFconext, which provides a national identity federation for research and higher education. SURFconext is an identity federation that consists of over 180 different identity providers and it provides a single sign-on (SSO) capability for SURF’s member institutions. SURFconext is based on the SAML 2.0 standard and makes use of OpenID Connect and is used by 1.7 million people across the Netherlands. 

Over the last decade, there have been increasingly sensitive workloads and growing security concerns with accessibility. Some member institutions were only enforcing access with basic password authentication and there was a need to introduce multi-factor strong authentication.

How SURF Uses FIDO To Secure Its Users

With multiple member organizations each using various technologies, SURF implemented an add-on service called SURFsecureID.

SURFsecureID is a hosted service that provides multi-factor authentication, with a step-up approach.

“The idea is that users authenticate at their home University using the password and before they are redirected to the service provider they are redirected to us where we require a second factor before sending them off to the service they initially requested,” explained Joost van Dijk, Technical Product Manager at SURF.

The step up authentication approach makes use of FIDO2 standards to help protect SURF’s users.

Benefits

With FIDO, SURF is now able to provide strong authentication to users across the Netherlands in an approach that helps to improve resiliency and security.

One particular risk that FIDO helps SURF to minimize is that of phishing attacks which has been a growing concern since at least the onset of the pandemic.
“Especially since the COVID crisis began, we’ve seen a lot of phishing campaigns launched against our users and we see FIDO2 as an excellent way to mitigate this threat,” commented Joost van Dijk, Technical Product Manager at SURF.


More

Branch enhances security and user experience with passkey implementation

Corporate Overview Branch® is a cloud-native home and auto insurance company founded in 2020. Operating…

Read More →

J:COM turns to Passwordless Authentication

Corporate Overview JCOM Co., Ltd. (J:COM) provides a wide range of services to 5.72 million…

Read More →

HiTRUST Brings Passkeys to Colatour Travel

Imagine booking your dream vacation with just a single touch or a smile, without worrying…

Read More →


12318 Next