Improved Identity Management with Verifiable Credentials and FIDO
Source of Publication
IEEE Communications Standards Magazine
© 2017 IEEE. We describe how FIDO and W3C VCs can overcome the problems of existing identity management systems. We describe our conceptual model and architecture, and the protocol we used by extending FIDO's UAF in order to provide both strong authentication and strong authorization. We built a pilot implementation for U.K. NHS patients to validate our implementation. Patients were able to use a mobile phone with a fingerprint reader to access restricted NHS sites in order to make and cancel appointments and order repeat prescription drugs. Our initial user trials with 10 U.K. NHS patients found the system to be easy to use, and fingerprints to be preferable to using usernames and passwords for authentication.
Institute of Electrical and Electronics Engineers Inc.
Global system for mobile communications; Network architecture; Conceptual model; Fingerprint reader; Identity management; Identity management systems; Pilot implementation; Prescription drugs; Strong authentication; Authentication
Chadwick, David W.; Laborde, Romain; Oglaza, Arnaud; Venant, Remi; Wazan, Samer; and Nijjar, Manreet, "Improved Identity Management with Verifiable Credentials and FIDO" (2019). All Works. 1967.
Indexed in Scopus
Open Access Type
Green: A manuscript of this publication is openly available in a repository