Simple and secure authentication with the SwissPass FIDO2 protocol
08.08.2023 Dominic Baumann and Coralie Rohrer, graduates of the BSc in Computer Science, have developed on behalf of SBB a secure authentication protocol which combines ease of use with data economy for the new SwissPass card with integrated FIDO2 authenticator.
This protocol allows a more secure use of the card using standardised protocols and leads to an extremely user-friendly experience: to use a new service, all you need to do is briefly hold the SwissPass card up to an NFC reader and confirm your identity by e-mail or SMS. Relying parties wishing to use the new protocol will be able to reduce operational costs as all SwissPass users will be able to use their services without prior registration. Moreover, they will always receive up-to-date user data, provided that the SwissPass users have given their consent.
The resulting SwissPass FIDO2 protocol is to be further developed by BFH for various applications on behalf of SBB.