Three ways in which GDPR impacts authentication

The General Data Protection Regulation (GDPR) has been enforced across the European Union (EU) since late May, and is widely considered the single most significant change to data protection law in two decades, impacting a countless number of organisations across the globe that collect and process information from EU citizens.1 This very much includes those in charge of online authentication, given the sensitive nature of the data being protected by those authentication systems, and the regulatory consequences of providing inadequate protections for that data. The General Data Protection Regulation (GDPR) is widely considered the most significant change to data protection law in two decades, impacting organisations across the globe. This includes those in charge of online authentication. Businesses previously focused on implementing informed consent to comply with the GDPR need to also look at implementing stronger authentication that improves their users’ experience while complying with the GDPR's rigorous requirements, explains Brett McDowell of the FIDO Alliance. © 2019 Elsevier Ltd