"DS-511 Guidelines for Handling Digital Identities in Identity Verification in Administrative Procedures, etc." has been published

The Digital Identity Guidelines, which we have been involved in formulating for three years as an expert (Revision of the Identity Verification Guidelines: Expert Meeting on Issues, Examples, and Methods in Identity Verification Practices and Their Guidelines), have now been published. They can be viewed on the Digital Society Promotion Standard Guidelines page. This guide...


Public comments have been submitted to the Financial Services Agency regarding the partial revision (draft) of the "Comprehensive Supervision Guidelines for Financial Instruments Business Operators, etc."

The US OpenID Foundation has submitted the following public comments regarding the proposed revisions to the "Comprehensive Supervision Guidelines for Financial Instruments Business Operators, etc." (← addressing so-called securities fraud). The US OpenID Foundation website is only available in English, so there is no appropriate space to post the Japanese version.

The Financial Services Agency amends its supervisory guidelines. Phishing-resistant authentication methods will become mandatory. It's not biometric authentication as some articles say!

The Japanese Financial Services Agency amends supervisory guidelines. Phishing-resistant authentication methods will become mandatory. It is not biometric authentication as some media say, however! Public comments are open until August 8th.

On the 15th, the Financial Services Agency began accepting public comments under the title "Publication of a partial revision (draft) of the 'Comprehensive Supervision Guidelines for Financial Instruments Business Operators, etc.'" The deadline is 18:17 PM on Monday, August 00th (must arrive by this date). This case concerns the theft of customer information (login IDs, etc.) from phishing sites disguised as securities company websites...

The threat of real-time phishing that cannot be prevented by one-time passwords - The true nature of phishing resistance using passkeys


In recent years, phishing attacks targeting financial institutions and other organizations have become more sophisticated, and a method called "real-time phishing" in particular has become a serious threat. This type of attack can even invalidate one-time passwords (OTPs), which have traditionally been considered effective in preventing phishing attacks.

Is that QR code safe? ~ Threats and countermeasures lurking in cross-device authentication and authorization flows

[Announcement] Is that QR code safe? ~ Threats and countermeasures lurking in cross-device authentication and authorization flows [YouTube Live]

On Thursday, August 8nd, from 22pm, we will be hosting a YouTube Live broadcast with @ritou, also known as Akita's cat, titled "Is that QR code safe? Threats and countermeasures lurking in cross-device authentication and authorization flows." Logging in with QR codes is becoming more and more common. But is that...


An addendum to NIST SP 800-63B has been released: adding a passkey

In recent years, as multi-factor authentication (MFA) has become more widespread, the challenge is to balance user convenience and security. MFA is a security method that prevents unauthorized access to accounts by combining multiple authentication methods, such as passwords, biometric authentication, and one-time passwords. However, ...


Detailed notes on passkeys and ID federation – OpenID Summit 2024

This is a summary of @ritou's presentation at OpenID Summit 2024 (2024-01-19). Summary: This document is based on the presentation materials by @ritou at OpenID Summit Tokyo 2024, and explains the relationship between passkeys and ID federation, their respective characteristics, their mutual complementarity, and related specifications.
