Free user from Password!!
Authentication system “Magatama” is well designed for the authentication on Internet banking and on Web services.
Magatama Platform offers an authentication solution that is compliant with “FIDO,” the next-generation online authentication standards. With Magatama Platform, biometric authentication such as fingerprint or facial recognition can be easily implemented onto the login page of a membership web service or of a smartphone app for customers.
You can build a FIDO-based login system just by incorporating an SDK, and no knowledge of FIDO is required. Introducing Magatama Platform to your system will allow you to build a simple yet secure authentication system. In addition to bringing many advantages to service providers, it also makes it both easier (no need to memorize passwords, no hassle of entering their passwords on a smart device) and more secure (taking advantage of biometric authentication to perform more secure personal authentication and preventing identity fraud) for users to use your service.
･ No need to manage IDs and passwords anymore.
･ Easy to operate even on smart devices with inconvenient text input interface.
･ Biometric authentication minimizes the risk of identity fraud, thus providing a sense of security.
･ Biometric data (fingerprints, facial features, vein patterns, etc.) are managed on the user’s device, thus providing a sense of security.
○ Service provider
･ No need to acquire or manage users’ sensitive (biometric) information.
･ Effective against identity fraud.
･ Authentication at the transaction level is also supported.
･ Designed to use users’ devices, lowering additional investment and management costs.
･ Drastically reduces the workload of help desk agents, as no user will “forget” his/her password, etc.
■ Authentication model on Magatama Platform
What is FIDO (Fast IDentity Online)?
FIDO (Fast IDentity Online) is a set of international authentication specifications that realizes “a new kind of online authentication that is not dependent on IDs and passwords.” Adopting FIDO standards means that the entire authentication process will be performed on the client side alone, with no need for sending any private information to the server side. No transmission of private information means no information leaks. Also, on the server side, user authentication is done following an authentication protocol using a public key shared with the client. The FIDO Alliance is an organization composed of various industry leaders that provides secure and easy-to-use international authentication standards. The alliance is now working towards establishing an authentication method that is “secure” and “easy to use” and will replace conventional passwords. It was founded in July, 2012, in order to solve issues caused by the lack of compatibility between authentication devices and dependence on usernames and passwords (password authentication). DDS became the first Japanese member enterprise of the FIDO Alliance in April, 2014, and has been working hard to educate the country’s industries in order to promote FIDO in Japan. We rolled out magatama HW, a FIDO-certified product, in 2015. We then released FIDO-compliant Magatama Platform in October, 2016. In December of the same year, we became a sponsor member of the FIDO Japan Working Group.
FIDO Authentication Model
Unaffected by the Amendment of the Act on the Protection of Personal Information
The Amendment of the Act on the Protection of Personal Information, which came into force in May, 2017, has newly defined biometric information handled by authentication systems for personal identification as “private information.” FIDO provides a framework where no biometric information of customers needs to be stored on the server side, which is suited to internet banking systems.
FIDO as two-factor authentication
In order to log into an internet banking system that utilizes FIDO authentication, the following two processes must be completed: “biometric personal identification on the client device” and “signature verification between the client device storing a private key and the server.” FIDO authentication requires both biometric information and private keys, thus meeting the definition of two-factor authentication.