The Zenkey App is a joint venture of the 3 dominant mobile phone service providers in the US.
FIDO for 5G from Authenticate 2021-10-19 presented that among the big telco adopters of FIDO is Verizon which is using strong authentication for a number of different services.
Josna Kachroo, Sr. Manager for Device Technology at Verizon, commented in a session that password phishing continues to be a major problem. She noted that Verizon has adopted FIDO standards to enable a best in class authentication solution and one that is able to scale across many different use cases.
Bjorn Hjelm, Distinguished Member of Technical Staff at Verizon, outlined a number of use cases including the ZenKey app that is a joint development across AT&T, T-Mobile and Verizon to enable access to services. The need for strong authentication and FIDO is also important for 5G wireless. Hjelm explained that 5G enables operators to do network slicing. With network slicing, an operator can virtually reserve network resources for a specific purpose. One such specific purpose can be for first responders, where there is a need also for strong user authentication in order to grant access to the service. “We are positioning FIDO as part of the user authentication for first responders,” Hjelm said. See wiki on FirstNet.
- Each telco (MNO) provides their own app and their own client ID for the Relying Party
- There is a common service point with a Zenkey logo that can be placed on the Relying Party Website.
- ZenKey simplifies integration by following the OpenID Connect (OIDC) authentication protocol. OpenID Connect is based on the OAuth 2.0 specification. It uses JSON web tokens (JWTs) obtained using OAuth 2.0 flows. The ZenKey SDK uses OIDC to support developers, creating experiences in web and native applications
- Zenkey Developer