The FIDO Alliance recently released an FAQ on how its authentication protocols help companies control access to and permissions for data—a key component for GDPR compliance.
StrongKey’s CTO, Arshad Noor, collaborated on this FAQ document published by the FIDO Alliance to help illustrate how FIDO’s strong, encryption-backed authentication is relevant to the EU’s General Data Protection Regulation (GDPR).
According to Arshad: “While companies focused mostly on security in the past, in this era of increasingly hostile online environments, GDPR, and the impending CCPA, highlight that companies must now pay specific attention to consumer privacy too. Although many online authentication technologies store user data and authentication secrets on their servers, FIDO protocols do not store any sensitive data, including biometric data, and are designed with privacy in mind. These protocols provide actionable guidelines that will benefit both companies and their customers in becoming GDPR compliant.”
You can find the original source for this content on the FIDO Alliance’s website at: https://fidoalliance.org/faq-on-fido-relevance-for-the-gdpr/.