Title

Improved Identity Management with Verifiable Credentials and FIDO

Source of Publication

IEEE Communications Standards Magazine

Abstract

© 2017 IEEE. We describe how FIDO and W3C VCs can overcome the problems of existing identity management systems. We describe our conceptual model and architecture, and the protocol we used by extending FIDO's UAF in order to provide both strong authentication and strong authorization. We built a pilot implementation for U.K. NHS patients to validate our implementation. Patients were able to use a mobile phone with a fingerprint reader to access restricted NHS sites in order to make and cancel appointments and order repeat prescription drugs. Our initial user trials with 10 U.K. NHS patients found the system to be easy to use, and fingerprints to be preferable to using usernames and passwords for authentication.

Document Type

Article

First Page

14

Last Page

20

Publication Date

12-1-2019

DOI

10.1109/MCOMSTD.001.1900020

Share

COinS