Skip to main content



Archived content

NOTE: this is an archived page and the content is likely to be out of date.

Fujitsu Enables Secure Use of Cloud Services via IoT Devices Using a Smartphone's Biometric Authentication

Fujitsu Laboratories Ltd.

Kawasaki, Japan, February 16, 2017

Fujitsu Laboratories Ltd. today announced the development of a technology that enables safe and easy use of cloud services through IoT devices using the biometric authentication functionality of smartphones and near-field wireless functionality.

In the era of IoT, various devices are connected to cloud services. When using these services such as parcel delivery lockers in apartments or public facilities, or when using car sharing services, user authentication will need to take place each time a service is used. With existing ID and password systems, users have to manage multiple IDs and passwords which make the authentication process cumbersome.

By applying FIDO(1) technology that enables biometric authentication of a cloud service's user without extracting biometric information from that user's smartphone, Fujitsu Laboratories has developed technology that establishes a secure network between a cloud service, an IoT device, and a smartphone, and then simultaneously verifies the identity of the user and that the user is in front of the IoT device.

With this newly developed technology, users can safely and conveniently access cloud services through a variety of IoT devices without inputting an ID and password, using just their smartphone's biometric authentication. In addition, this technology enables the provision of a strong personal authentication service using biometrics without requiring service providers to manage an individual's biometric information for each device or service.

This technology will be shown at RETAILTECH JAPAN, the 33rd retail information systems trade show, held March 7 - 10.

Development Background

It is said that by 2020, several tens of billions of IoT devices will be connected to the internet, bringing huge changes to industries and our daily lives. It is expected that, by connecting a variety of devices, the number of services connecting people and devices will expand. For example, having customized services and settings made available while multiple users have access to any given car sharing vehicle, or providing insurance based on the characteristics of a user, their usage history, and the car being used. As these types of situation become more common, there is a need for a more convenient, new authentication technology to replace the existing system of ID and password authentication in which users have to manage multiple IDs and passwords.


Biometric authentication, which does not require an ID or password authentication, is a convenient method for authenticating users. However, in order to use biometric authentication with a variety of IoT devices, it would be necessary to incorporate biometric authentication hardware into each of those devices. Also, in creating various services using IoT devices, there has been the issue of authenticating users in a safe and convenient way.

About the Technology

By applying FIDO technology and using a smartphone with biometric authentication capability, Fujitsu Laboratories has developed a technology that securely authorizes cloud service usage by authenticating a user through strong biometric authentication, without needing to incorporate any biometric authentication hardware.

Figure 1: Diagram of the authentication pathwayFigure 1: Diagram of the authentication pathway

With the newly developed technology, when a user uses an IoT device, by first physically moving the user's smartphone in close proximity to the IoT device, the smartphone's software and the IoT device's software can exchange confidential information with each other, creating a temporary secure communications pathway between the smartphone and the IoT device, without any effort on the user's part.

Next, users utilize the biometric authentication functionality of their smartphones to carry out authentication, and a certificate verifying the results of the biometric authentication and the fact that the person is in front of the device are sent using the FIDO protocol to the cloud service. The cloud service uses this information to verify both the person using it and the fact that the person is in front of the device, then the IoT device authenticates the user and the service is provided to the user through the IoT device.

This technology makes it possible for users to make use of services through a variety of IoT devices in a safe and secure environment, using the biometric authentication functionality of the smartphone they use every day.


With this newly developed technology, users can expect increased convenience, with the ability to use cloud services through IoT devices using the biometric authentication functionality of the smartphones they use regularly, without having to manage IDs or passwords, or register and manage authentication information on other devices that feature biometric authentication. In addition, for service providers, it is now possible to provide strong personal authentication using biometric authentication, without having to manage individual biometric authentication information for each device or service.

For example, by using a smartphone to identify the user, biometric authentication safely enables the use of a smartphone to unlock a fleet or car sharing vehicle, start the engine, or automatically adjust a vehicle's settings to a user's preferences. In addition, it enables safe and secure authentication of a user for a variety of services which require user authentication for IoT devices, such as parcel delivery lockers and access into secured rooms.

Figure 2: Sample usage scenariosFigure 2: Sample usage scenarios

Future Plans

Fujitsu Laboratories will continue to validate this newly developed technology for a variety of usage cases, aiming for commercialization during fiscal 2017 as a technology that expands the FUJITSU IoT Solution Biometric Sensor Authentication Solution Online Biometric Authentication Service(2).

  • [1] FIDO (Fast IDentity Online)

    An online authentication protocol for authenticating individuals on devices such as smartphones, without sending individual authentication information through the internet, specified by the FIDO Alliance.

  • [2] FUJITSU IoT Solution Biometric Sensor Authentication Solution Online Biometric Authentication Service

    “Fujitsu Launches Online Biometric Authentication Service with Total Support for Robust, FIDO-Compliant Security” (Press release dated December 21, 2016):

About Fujitsu

Fujitsu is the leading Japanese information and communication technology (ICT) company, offering a full range of technology products, solutions, and services. Approximately 156,000 Fujitsu people support customers in more than 100 countries. We use our experience and the power of ICT to shape the future of society with our customers. Fujitsu Limited (TSE: 6702) reported consolidated revenues of 4.7 trillion yen (US$41 billion) for the fiscal year ended March 31, 2016. For more information, please see

About Fujitsu Laboratories

Founded in 1968 as a wholly owned subsidiary of Fujitsu Limited, Fujitsu Laboratories Ltd. is one of the premier research centers in the world. With a global network of laboratories in Japan, China, the United States and Europe, the organization conducts a wide range of basic and applied research in the areas of Next-generation Services, Computer Servers, Networks, Electronic Devices and Advanced Materials. For more information, please see:

Press Contacts

Public and Investor Relations Division

Company:Fujitsu Limited

Technical Contacts

IoT Systems Laboratory

E-mail: E-mail:
Company:Fujitsu Laboratories Ltd.

All company or product names mentioned herein are trademarks or registered trademarks of their respective owners. Information provided in this press release is accurate at time of publication and is subject to change without advance notice.

Date: 16 February, 2017
City: Kawasaki, Japan
Company: Fujitsu Laboratories Ltd.