From passwords to keys: the FIDO standard and biometrics

The answer to the weaknesses of passwords is a shift to asymmetric keys and to standards that are accessible to ordinary users. The FIDO Alliance defined a way to securely create and use authentication keys directly on devices, supported by Google, Microsoft, and Apple. We see the result every day: signing in with a fingerprint or via Face ID without the user having to think about what happens in the background. However, deploying this in larger organizations is not trivial, and for critical infrastructure an even higher level of reliability and resilience is often necessary.

Hardware identity wallet and the path to zero trust

The solution for high trustworthiness is personal devices—“identity wallets” that connect a person to their cryptographic keys. They can take the form of a small key fob or an ID card holder, verify the user with biometrics, and use sensors to recognize that they are with their owner. With them, passwordless logins to computers, qualified document signing, encryption, as well as physical access or secure printing are possible; in some deployments, even location tracking of readers within a space. The devices are certified, validated by major software vendors, and are manufactured in the EU, near Košice.

The important thing is that identity is not centralized on large servers—everyone “carries” it with them and confirms it literally with their own hands. Such an architecture makes the transition to zero trust easier: data are signed by the author and encrypted only for the recipient, so trust arises not from a position in the network but from cryptography. In practice, this reduces reliance on temporary patches like VPNs and firewalls, which tend to circumvent the essence of the problem rather than solve it. Strong identity thus becomes a cornerstone of security in the digital world.