As we all transition from version 3 of NIST SP 800-63 to the new version 4 (63 63A 63B 63C), Biometric Update has published an article authored by Dustin Hoff of KeyData Cyber, “Navigating the crossroads of identity: leveraging NIST SP 800-63-4 for business advantage.”
So what has changed?
“Perhaps the most visible change is the push for phishing-resistant authentication—methods like passkeys, hardware-backed authenticators, and device binding….This shift signals that yesterday’s non-phishing-resistant MFA (SMS codes, security questions, and email OTPs) is no longer enough because they are easily compromised through man-in-the-middle or social engineering attacks like SIM swapping.”
Hoff says a lot more about version 4, including tips of transitioning to the new NIST standard. Read Hoff’s piece here on Biometric Update.
Bredemarket 