ASLI RI and LoginID Launch Biometric Authentication Platform for Digital Services

Take a look at each of your phones, how many applications have you downloaded? Of the existing applications, how many require an account to use? With average smartphone usage almost 4 hours per day, most likely there is more than one membership-based application in use – say social media, messaging applications, shopping services online and so forth.

And one of the characteristics of those apps, their authentication methods require the user to type in a password, some with a PIN. For some people, it's quite tedious, in the end, equating passwords for all existing applications, even though according to experts, equating passwords across all services used quite risky. While having multiple passwords is quite a headache to remember.

This gap is then looked at by innovators, to make more efficient breakthroughs in the authentication system. One that is now starting to be offered is based on biometrics – by far the most popular uses a fingerprint, retina of the eye or face to unlock access to a service. And one of the local technology companies that provide these services is ASLI RI.

"ORIGINAL RI has a verification service eKYC using biometric technology, optical character recognition (OCR), liveness detection and digital onboarding; all of our services are in the form of SaaS," explained RIonald A. Soerjanto, Co-Founder & COO ORIGINAL RI.

Recently they collaborated with LoginID, a company from Silicon Valley, to launch the AsliLoginID product. It is a Biometric-Authentication as a Service (BaaS) platform that has: FIDO2 certification. The certification is one of the most stringent security standards today, is internationally recognized and compatible with various types of computing device operating systems.

"In this collaboration, LoginID has a FIDO2 Certified Server, one of the most qualified types of security and is recognized by world institutions today, which are members of the FIDO Alliances. ASLI RI has biometric verification technology. We combine these two services to make it easier for application owners to apply the model. secure biometric authentication," continued Rionald.

In this strategic partnership, ORIGINAL RI also provided investment to LoginID with undisclosed details.

FIDO encryption standardization

In most systems that exist today, user data such as accounts and passwords are stored centrally on servers belonging to the application provider. Even though it was encrypted, in fact it happened several times data breach Digital services have quite a large user base – both locally and internationally. This problem that the FIDO alliance is trying to solve with the released standard, they don't just put authentication data centrally in one point.

LoginID Founder & CEO Simon Law explained, FIDO standardization uses public-private key encryption. The public key is placed on the server system of a service, while the private key is placed on the server system chip each device. If the service server is successfully compromised, the public key can be revoked and reissued at any time. This model is considered to reduce security risks. Especially using biometrics, to access the device, you must really bring the device directly to an authorized user.

"You can be sure all (processing and data centers) are local. We bring technology from Silicon Valley and apply it locally. When talking to FIDO2 Certified, this solution has comply with GDPR (which is known as the most difficult data privacy law from the European Union), PSD2, to Open Banking. Automatically AsliLoginID will be comply to the PDP Law which will be released by the government soon," added Rionald.

As is known, the government is currently finalizing the draft of the Personal Data Protection Law (PDP). Based on draft as of December 2019, the PDP Bill contains 72 articles and 15 chapters governing the definition of personal data, types, ownership rights, processing, exceptions, controllers and processors, delivery, authorized institutions that regulate personal data, and dispute resolution. In addition, it regulates international cooperation to sanctions imposed for misuse of personal data.

BaaS is designed to be deployment-ready, application development companies can integrate the AsliLoginID platform into their services, complementing existing authentication models – such as single sign on with email or social media accounts. The ASLI RI team is quite optimistic that the solution login The products offered will be welcomed by consumers, especially smart phone devices that have fingerprint or facial recognition features are increasingly affordable in the market.

In the global arena, solutions such as AsliLoginID are starting to be sold by technology companies. One that also has a target in the Indonesian market is Element Inc. The New York-based company has also received investment from GDP Venture, Central Capital Ventures, MDI Ventures, Maloekoe Ventures and several other investors.