News
Tech industry leaders ship FIDO2 certified solutions to reduce password use on the web
September 2018 by Marc Jacob
FIDO2 browser support and first certified products are available to reduce password use on the web, the FIDO Alliance announced. Now, any website can leverage FIDO2 strong authentication protocols from the W3C and FIDO Alliance to replace passwords with cryptographically secure logins using convenient alternatives like on-device biometrics and FIDO Security Keys.
Google Chrome, Microsoft Edge and Mozilla Firefox browsers now support FIDO2, a big advancement since the standards were introduced last April. Between this support and newly certified products supporting a wide variety of use cases, service providers have all of the tools needed to roll out FIDO Authentication for their websites and applications. FIDO Authentication has been proven to protect against the phishing and security risks associated with passwords, provide better user experiences over remembering and typing passwords and lower authentication support costs.
Organisations that have achieved FIDO2 certification for security key and biometric authenticators, clients and servers include: CROSSCERT: KECA (Korea Electronic Certification Authority); Dream Security Co., Ltd. Korea; ETRI; eWBM Co., Ltd.; IBM; Infineon Technologies; INITECH Co., Ltd.; Nok Nok Labs (Universal Server); OneSpan; Raonsecure; Samsung SDS; Singular Key; Whykeykey Inc.; Yahoo Japan Corporation; Yubico. Products are certified for FIDO2 by the FIDO Alliance to ensure compliance with the specifications, as well as interoperability among FIDO products. Today’s announcement also includes the first certified FIDO Universal Server, which a service provider can use to ensure compatibility with authenticators based on all FIDO specifications (FIDO UAF, FIDO U2F and FIDO2).
FIDO2 Details
FIDO2 is comprised of the W3C’s Web Authentication specification and the corresponding Client to Authenticator Protocol (CTAP) from FIDO Alliance. Collectively, these standards enable users to leverage common devices to more easily authenticate to online services through mobile and desktop browsers. FIDO2 supports a variety of authentication use cases and experiences, including passwordless, second-factor and multifactor for the highest levels of assurance. Password-only logins can now be replaced with easy user gestures using embedded biometrics (facial recognition, iris scan, fingerprint swipe) and/or portable security keys.
These simple user experiences are backed by strong cryptographic security that is transparent to the user and protects against phishing, man-in-the-middle and attacks using stolen credentials. FIDO2 web browsers and online services are also fully backward compatible with all previously certified FIDO U2F Security Keys.
