Security Encyclopedia

FIDO IOT Security

FIDO for the Internet of Things (IoT) is deployment of a solution built on top of the FIDO Alliance Universal Authentication Framework (UAF) that transforms connected “things” into secure “things”.

A FIDO IoT solution is an extension of the FIDO UAF protocol onto the device landscape — e.g. ATMs, cars, locks and homes — that utilizes secure decentralized firmware that can reside natively on a connected device. In such an implementation, the device itself becomes a standalone FIDO UAF validation server while the device-management app on the end user’s mobile device is integrated with a FIDO UAF software development kit (SDK) to transact with the IoT node.

An IoT-ready FIDO solution assumes a growing FIDO-centric device ecosystem is in place or coming to market. It also assumes that, for the IoT, a passwordless experience always trumps a legacy password-based system. An IoT-ready FIDO solution that is FIDO Certified has undergone rigorous security, performance, and interoperability testing. This scoring peaks to the solution’s readiness for enterprise deployments and to endorse its scalability across millions of users and devices with thousands of transactions per minute.


"As more homes, offices, and cars become connected 'things', we'll see a transition towards their management from password-based to passwordless. FIDO based solutions will play an important role for enhancing the security, usability, and privacy of all parties to this growing ecosystem of devices and users."