Strong authentication based on FIDO2 technology

Password-free login, self-service administration and high security without certificates and client software. This is the concept of Buypass’ FIDO2-based authentication solution. The solution will support eIDAS High and eIDAS Substantial.

The requirements for a public enterprise now range from complying with the Norwegian "PKI in the public sector" regulations to the requirements related to the eIDAS regulation. In the eIDAS regulation, there is no longer an explicit requirement for the use of PKIs and certificates to achieve strong authentication. This provides new opportunities for the use of other technologies, such as FIDO2, to achieve authentication at a similar level.

Fido2 and trust at eIDAS level from Buypass
Fido2 and trust at eIDAS level from Buypass

FIDO2 + Trust

FIDO2 alone is not the solution, but together with trust services at the eIDAS level, completely new possibilities open up. Keys (FIDO2 security key) in many different form factors can be chosen based on needs. The majority of all browsers support open interfaces on which FIDO2 is based, which eliminates the need to install software on the user device.

Read more about FIDO2 authentication from Yubico.

The FIDO2 solution offered by Buypass is based on industry standards which in turn help to remove much of the complexity we see in today's PKI-based solutions. Our FIDO2 solution includes several options for self-service key administration.

The solution works as an Employee ID with a link to the company's database via the Open ID Connect service. An employee has rights assigned as long as they remain in the database. For example, when a person leaves the company and is removed from the database, the authentication is automatically removed.

Customer deliveries

Buypass is actively working on several FIDO2-based customer deliveries. As a Qualified Trust Service Provider (QTSP), we are the trust anchor a company needs to establish an authentication solution that removes usernames and passwords, while at the same time satisfying regulatory requirements for secure authentication on eIDAS Substantial or eIDAS High.

We are happy to tell you more about our solution and help you assess whether it’s something that suits your business needs.

  1. Martin og Trygve webinar-fido2-helseID-eidas

    Read the article digi.no wrote after participating at our webinar on strong authentication with FIDO2

    Scan your pass, and you never need to remember your password again: Password-free login will make your everyday working life easier. Read the article here (in Norwegian)

Get in touch with us

We are happy to tell you more about this solution :)