“New anti-phishing procedures are on the way,” the FIDO Alliance said at a webinar covered by Biometric Update, “but they come with practical levels of flexibility and don’t require replacing time-honored personal ID verification (PIV) credentials and common access cards (CAC).”
in an accompanying white paper, the alliance members, of which MITRE is one, stipulated that implementing single sign-on, life-cycle management, and digital identity risk assessments “are table stakes for federal zero trust implementations and prerequisites for U.S. government FIDO deployments.”
“If PIV and CACs are already meeting your needs, that’s great,” said Tom Clancy, principal cybersecurity engineer, MITRE. “Think about FIDO authentication as a replacement for phishable authentication, not as a replacement for PIVs and CACs.”