HID, a company that provides secure identity solutions, announced the availability of its updated FIDO-certified authentication solutions in the Philippines, to help financial institutions and enterprises comply with the Bangko Sentral ng Pilipinas’ (BSP) new rules on IT risk management under the Anti-Financial Account Scamming Act (AFASA).
BSP requires organizations under its supervision to strengthen fraud management and identity verification by June 25, 2026. The directive calls for the adoption of secure, phishing-resistant methods, such as passwordless authentication through FIDO standards.
The measure comes amid rising online scams and fraud cases in the country.
HID introduced its Enterprise Passkey Management (EPM), a subscription-based solution that enables large-scale adoption and management of passwordless credentials.
“Our next-generation FIDO portfolio gives Philippine enterprises the hardware diversity and centralized management capabilities needed to deploy and manage passkeys at scale, while reducing reliance on phishable credentials like passwords and OTPs to enhance organizations’ overall cybersecurity posture,” said Sean Dyon, vice president and head of the Authentication Business Unit at HID.
Through Enterprise Passkey Management, companies can issue FIDO credentials on behalf of employees, reducing manual processes and training requirements. The system also allows full lifecycle management, including credential issuance, revocation, and audit trails, supporting compliance with BSP’s passwordless authentication guidelines.
HID also expanded its hardware portfolio to address different business requirements. The line includes Crescendo Keys, which support FIDO2, PKI, and OATH; Crescendo Cards, which function as both corporate badges and digital access tools; and the OMNIKEY 5022 contactless reader for workstation authentication.
The portfolio further integrates physical and digital access through Seos FIDO-enabled and MIFARE DESFire EV3 FIDO-enabled cards. These combine secure entry to physical facilities with phishing-resistant digital authentication, offering a single credential for employees.
All devices are compatible with Microsoft Entra ID and other major identity providers, ensuring smooth integration with existing enterprise systems.