What is FIDO?
Fast Identity Online (FIDO) refers to a set of open authentication standards the enable a service provider to leverage existing technologies for passwordless authentication.
FIDO standards such as FIDO2, Universal Authentication Framework (UAF), and Universal Second Factor (U2F) are developed by the FIDO Alliance, an industry consortium of technology leaders such as Apple, Google, HYPR, and Microsoft.
How Does FIDO Secure Customer Applications?
FIDO SDKs are integrated into customer-facing applications to enable a passwordless authentication flow across mobile and web experiences. FIDO replaces the use of passwords and shared secrets with public key cryptography. This involves using a pair of cryptographic keys: a private key that’s kept secret on the user’s smartphone at the hardware-level, and a public key that is stored on the FIDO server.
How Does FIDO Secure Employee Access?
FIDO is deployed across enterprises to secure workstation login, as well as access to cloud applications, passwordless single sign-on, and corporate networks. FIDO can be used via built-in authenticators such as Windows Hello, with hardware security tokens, or by way of a mobile app. When deployed on a mobile app, FIDO can transform a smart phone into a smart card.
What does FIDO do for Security Tokens?
FIDO standards have led to innovation in the field of security tokens, as well as the applications that support them. FIDO-Certified authentication provides interoperability with FIDO2 and U2F security keys such as Yubikey. Such devices are often used for securing passwordless desktop MFA for Windows, MacOS, Linux, and VDI workstations.
How are FIDO Deployments Managed?
Admin consoles such as the FIDO Control Center enable you to manage, provision, and deploy passwordless authentication across consumer and workforce use cases. By taking a fully API-driven approach, FIDO administration tools can integrate with your existing identity provider, fraud and risk engines.
Are All FIDO Products the Same?
Your organization has committed to a password-less authentication and you heard that a FIDO2 Certified product is the way to go. As you embark on your Passwordless journey you discover there are numerous vendors, standards, products and approaches to choose from. Now you’re probably wondering – are all FIDO products the same?
HYPR Serves on the Board of FIDO Alliance
HYPR sits on the FIDO Alliance Board of Directors and works alongside industry leaders such as Microsoft, Google, Aetna and Samsung to directly influence and help drive the FIDO Alliance’s mission to reduce the world’s over-reliance on passwords. Through the development of open standards, the FIDO Alliance empowers organizations worldwide to establish a more robust, secure approach to password elimination.
“As one of the earliest innovators of FIDO solutions, HYPR brings significant in-market expertise and perspective to FIDO’s board of directors, which will help inform our collective efforts to move the world beyond passwords,”
“HYPR technology enables enterprises to finally tackle the password problem through a creative FIDO certified solution that enhances security and helps to reduce fraud.”
“Enterprises don’t buy standards – they buy solutions. Not all FIDO deployments are the same and its what you build on top of the standard that matters. HYPR has delivered a truly unique FIDO solution that emphasizes deployability, user experience, and trusted device security.”
FIDO Industry News
Apple Joins the FIDO Alliance
Apple has a history of making fundamental shifts in the way people approach authentication. When Touch ID was released on the iPhone 5s it was an overnight success. It brought biometric authentication into the hands of the general public, making biometrics — formerly in the domain of criminal justice and border access authorities — commercially viable. This paved the way for the FIDO Alliance to deliver secure authentication to apps on every Apple device and improve the security posture for any relying party that chooses to adopt the technology.