The global COVID-19 pandemic closed offices and forced governments to rapidly move services online, if they weren’t already, to serve its citizens. Although usernames and passwords are easy to deploy and easy for citizens to use, they leave systems and users vulnerable to cyberattacks. They are especially vulnerable to phishing attacks designed to steal login credentials and compromise legacy multi-factor authentication (MFA) tools like those using one-time passwords (OTP) and push notifications. With phishing attacks on the rise, it is imperative for governments to support “phishing-resistant” MFA technology that is also accessible, efficient, and cost-effective.

Enterprises and governments around the globe are turning to modern online authentication solutions featuring FIDO specifications based on public key cryptography. Governments and industries have embraced FIDO as the preferred way to deliver high-assurance MFA to consumers. Notably, the Cybersecurity & Infrastructure Security Agency (CISA), a component of the U.S. Department of Homeland Security (DHS), refers to FIDO security keys as the gold standard of MFA1

Several governments globally have deployed and/or supported FIDO authentication for citizens to securely conduct government transactions, including making tax payments and applying for and accessing government benefits. Governments leveraging FIDO authentication solutions have realized reduced operational costs and increased consumer satisfaction.

This white paper provides guidance for policymakers and department/agency heads seeking to learn about FIDO authentication to support or deploy FIDO for e-government services.


More

White Paper: Replacing Password-Only Authentication with Passkeys in the Enterprise

Editors Khaled Zaky, Amazon Web Services Abstract This white paper describes the need for a…

Read More →

White Paper: FIDO Deploying Passkeys in the Enterprise – Introduction

Editors Dean H. Saxe, Amazon Web Services, Co-Chair FIDO Enterprise Deployment Working Group 1. Introduction…

Read More →

White Paper: FIDO Attestation: Enhancing Trust, Privacy, and Interoperability in Passwordless Authentication

Editors Khaled Zaky, Amazon Web ServicesMonty Wiseman, Beyond IdentitySean Miller, RSA Security Eric Le Saint, Visa…

Read More →