DNP Joins FIDO Alliance
Alliance promotes standardization of online authentication
Dai Nippon Printing Co., Ltd. (DNP) is pleased to announce that as of October 14, 2015, it became a sponsor member of the FIDO Alliance, an international non-profit organization with the objective of standardizing online authentication without the use of a password. In FY 2016, the Company plans to launch an authentication service endowed with both strong security and customer convenience features that is compatible with FIDO specifications.
It is rare for consumers to set separate passwords for the numerous internet services they use, where they more commonly rotate a number of passwords that can be easily remembered. As a result, in cases where passwords are leaked from one service users often run into Dictionary-Based Password Attacks, whereby attackers attempt to assume the identity of the registered user and log on to other services. And there have been reported cases of damage from such illegal use, including illicit cashing of loyalty points, or of net-shopping that highlight the safety challenges of ID and password-based authentication methods. Some internet banking services combine a one-time password token that generates a different password on each authentication, with IDs and passwords, but to date these have seen only limited usage.
The FIDO Alliance is promoting the standardized adoption of Fast IDentity Online (FIDO), a new online authentication technology specification that combines strong security and ease of use to consumers by using public key encryption and biometric authentication technologies. DNP will employ technology accumulated through IC cards and personal authentication services used in online shopping card settlement that are compatible with 3-D Secure1 to create an authentication infrastructure that meets the standards of FIDO specifications, and provide an authentication service endowed with both strong security and customer convenience features.
DNP will utilize biometric authentication functions incorporated into smart phone and wearable terminals to provide an intuitive and comprehensive authentication method. The Company also plans to provide new authentication methods against new threats. By providing an authentication service that combines multiple authentication methods based on pre-developed basic functions, it is possible to reduce development burdens at companies. Service operation will be conducted at the DNP Data Center that is equipped with both advanced security and earthquake proofing.
And by moving from existing authentication methods that use IDs and passwords, to those, such as biometrics, that do not require passwords, it becomes possible to strengthen security. As the new authentication method uses functions already integrated into owner smart phones, there is no need to distribute dedicated reader devices or tokens, making it easier to add authentication functions to existing smart phones. Consumers can therefore perform authentication without using passwords, which reduces password management burdens.
DNP plans to launch a FIDO specification compatible authentication service in FY2016. The new authentication service will be offered mainly to financial institutions, and internet service operators, aiming for sales of 2.0 billion in the four years to FY 2019.