Improved Identity Management with Verifiable Credentials and FIDO
Source of Publication
IEEE Communications Standards Magazine
© 2017 IEEE. We describe how FIDO and W3C VCs can overcome the problems of existing identity management systems. We describe our conceptual model and architecture, and the protocol we used by extending FIDO's UAF in order to provide both strong authentication and strong authorization. We built a pilot implementation for U.K. NHS patients to validate our implementation. Patients were able to use a mobile phone with a fingerprint reader to access restricted NHS sites in order to make and cancel appointments and order repeat prescription drugs. Our initial user trials with 10 U.K. NHS patients found the system to be easy to use, and fingerprints to be preferable to using usernames and passwords for authentication.
Chadwick, David W.; Laborde, Romain; Oglaza, Arnaud; Venant, Remi; Wazan, Samer; and Nijjar, Manreet, "Improved Identity Management with Verifiable Credentials and FIDO" (2019). Scopus Indexed Articles. 496.