A FIDO server is a FIDO Certified component that conforms to the UAF, U2F or FIDO2 specification created by the FIDO Alliance. The server provides an application with a programming interface that organizations or individuals can leverage with a FIDO Certified client in order to perform strong authentication that does not rely on shared secrets.
The FIDO Server is typically deployed by organizations within a secure network behind a Relying Party that invokes the server when a user authentication is required. At that point, the server will require one or more authenticators to execute on a random challenge that is issued and will then verify a signature provided by the client that’s signed using the server’s corresponding public key.
A FIDO Server, also called a FIDO Validation Server, is just one component of a complete solution enabling an online service provider to authenticate its users securely and seamlessly without passwords. The server communicates with other elements of a solution’s passwordless authentication architecture, often a software development kit (SDK) embedded within mobile, web, and IoT apps. The server can be deployed on premise as is customary among many regulated enterprises, or on cloud.
A FIDO Certified server undergoes rigorous security, performance, and interoperability testing to ensure its readiness for enterprise deployments and to endorse its scalability across millions of users with thousands of transactions per minute. FIDO2 servers that are certified by the alliance support its Web Authentication Framework, Universal Authentication Framework (UAF), and Universal Second Factor (U2F) authentication protocols. Some FIDO servers are pre-integrated with major IAM, IdP and KYC providers allowing fast and easy deployment across an enterprise. Others offer a management console giving enterprise administrators authority and visibility over biometric orchestration, passwordless authentication policies, management of public keys and verification of the signatures created on the mobile device.
Want to learn more about Fast Identity Online? Explore the FIDO Authentication Guide.
For a technical deep dive, read documentation on FIDO Architecture.
FIDO Server Authentication Flow
FIDO Authentication Demo: