Steering the Death of PasswordsRSA's Kayvan on How FIDO Can End Password Dependency
Fast Identity Online, or FIDO, is a consortium formed by a group of security professionals that's advocating authentication framework architecture and protocol concepts to help users preserve data privacy.
Kayvan Alikhani, senior director of technology at RSA and a member of the alliance, says FIDO is working toward eliminating users' dependency on passwords and suggesting an alternative to authenticate user identity along with common design considerations.
"With the rate of acceleration in mobile transactions on the rise, FIDO observes that only a fraction of devices are equipped with the right type of sensors that protect the credentials of the user. To do this, we need more mature authentication frameworks," Alikhani says.
It's critical to encourage the use of a standardised strong, multi-factor authentication mechanism to combat growing security threats, preserve end-user privacy and unify the end-user experience, Alikhani contends. FIDO is striving to eliminate users' dependency on passwords and encourage universal second-factor authentication, and a universal authentication framework, to enable a password-less experience.
In this interview with Information Security Media Group, conducted at the RSA Conference Asia Pacific & Japan, held recently in Singapore, Alikhani discusses common design considerations as part of a complete identity and access management strategy. He elaborates on:
- Aligning CISO and risk functions in coming up with a strong authentication tool;
- Developing a risk mitigation strategy and using biometrics;
- Recognizing the importance of training and support in managing identities.
Alikhani was the CEO of PassBan, a company focusing on mobile security that was acquired by RSA. He also was the CEO at LiteScapre, a VoIP mobile multi-factor security company. He was the co-founder of BeNotified, a cloud mobile communication service, and AVIRNEX, a cloud-enhanced fixed and mobile services company. Earlier, he was a developer at Microsoft and Siemens. With 25 years of experience, he serves as board adviser to multiple companies.
Additional Summit Insight:
Hear from more industry influencers, earn CPE credits, and network with leaders of technology at our global events. Learn more at our Fraud & Breach Prevention Events site.