FIDO Authentication

Learn about FIDO authentication standards and discover how FIDO2 is eliminating passwords across the globe.

What is FIDO?

Fast Identity Online (FIDO) refers to a set of open authentication standards the enable a service provider to leverage existing technologies for passwordless authentication.

FIDO standards such as passkeys, FIDO2, Universal Authentication Framework (UAF), and Universal Second Factor (U2F) are developed by the FIDO Alliance, an industry consortium of technology leaders such as Apple, Google, HYPR and Microsoft.


How Does FIDO Secure Customer Applications?

FIDO SDKs are integrated into customer-facing applications to enable a passwordless authentication flow across mobile and web experiences. FIDO replaces the use of passwords and shared secrets with public key cryptography. This involves using a pair of cryptographic keys: a private passkey that’s kept secret on the user’s smartphone at the hardware-level, and a public key that is stored on the FIDO server.

How Does FIDO Secure Employee Access?

FIDO is deployed across enterprises to secure workstation login, as well as access to cloud applications, passwordless single sign-on, and corporate networks. FIDO can be used via built-in authenticators such as Windows Hello, with hardware security tokens, or by way of a mobile app. When deployed on a mobile app, FIDO can transform a smart phone into a smart card.

HYPR passwordless desktop mfa

What does FIDO do for Security Tokens?

FIDO standards have led to innovation in the field of security tokens, as well as the applications that support them. FIDO-Certified authentication provides interoperability with FIDO2 and U2F security keys such as YubiKey. Such devices are often used for securing passwordless desktop MFA for Windows, MacOS, Linux, and VDI workstations.

How are FIDO Deployments Managed?

Admin consoles such as the HYPR Control Center enable you to manage, provision, and deploy passwordless authentication across consumer and workforce use cases. By taking a fully API-driven approach, FIDO administration tools can integrate with your existing identity provider, fraud and risk engines.


Are All FIDO Products the Same?

Your organization has committed to password-less authentication. As you embark on your passwordless journey you discover there are numerous standards, products and approaches to choose from. Learn the key areas to consider when determining the right solution for your company.

Passwordless FIDO user evaluation guide

Become a FIDO Expert

Integrate FIDO SDKs

HYPR Serves on the Board of FIDO Alliance

HYPR sits on the FIDO Alliance Board of Directors and works alongside industry leaders such as Microsoft, Google, Aetna and Samsung to directly influence and help drive the FIDO Alliance’s mission to reduce the world’s over-reliance on passwords. Through the development of open standards, the FIDO Alliance empowers organizations worldwide to establish a more robust, secure approach to password elimination.

  • “Enterprises don’t buy standards – they buy solutions. Not all FIDO deployments are the same and its what you build on top of the standard that matters. HYPR has delivered a truly unique FIDO solution that emphasizes deployability, user experience, and trusted device security.”
    Nicholas Donofrio
    IBM Fellow Emeritus and EVP of Technology
  • “HYPR technology enables enterprises to finally tackle the password problem through a creative FIDO certified solution that enhances security and helps to reduce fraud.”
    Abbie Barbir
    Senior Security Architect, Aetna CVS Health
  • “As one of the earliest innovators of FIDO solutions, HYPR brings significant in-market expertise and perspective to FIDO’s board of directors, which will help inform our collective efforts to move the world beyond passwords,”
    Andrew Shikiar
    Executive Director & CMO, FIDO Alliance

FIDO and HYPR on the State of Passwordless

HYPR CEO and CTO Bojan Simic, and Andrew Shikiar, Executive Director of the FIDO Alliance, discuss findings from 2023 Passwordless Security Report, including:

  • Current authentication practices and their impact
  • The top breach vectors over the past year
  • The role of passkeys moving forward