By Rae Rivera, Ph.D., Director of Certification, FIDO Alliance

The FIDO Alliance today  introduced a significant update to its Metadata Service (MDS). The service provides information about the certification status of authenticators, authenticator capabilities, and any known security issues. The FIDO MDS provides organizations deploying FIDO servers with a centralized and trusted source of information about FIDO authenticators. 

MDS is a web-based repository where vendors can publish metadata about their certified FIDO authenticators. Relying parties use this information  to validate authenticator attestation and prove the authenticity of the device model. 

With over 100 authenticator products on the market today, and demand for strong authentication on the rise, the need for an easy-to-use repository to load and view FIDO Certified authenticators has grown in importance. 

Just last week, the Biden administration mandated multi-factor authentication for all government agencies to thwart phishing attempts and protect against account takeover.  Governments and other regulated industries such as banking and healthcare especially need to know that authenticators being used to access their systems are genuine and meet certain requirements, including FIDO Certification status, compliance and other organizational requirements. The new features in the FIDO MDS allow organizations to more quickly and easily verify the attributes of the FIDO Authenticators being used to log in to their web services and applications. 

Today’s news is significant in several areas:

  1. The new MDS has a more efficient and effective user interface that greatly simplifies the uploading and publishing of metadata. 
  2. There is a simplified API for relying parties to download metadata.
  3. Metadata updates are now available daily instead of monthly, which ensures relying parties have access to the most up-to-date information.
  4. The new MDS data format is now a single JSON structure, making it more compatible with standard web development tools. The new MDS format uses human-readable strings instead of numerical values, making it easier to read and understand.
  5. The MDS data is now linked to the FIDO Certification program, which will ensure the reliability of the validity of metadata of FIDO Certified products. 
  6. The service now uses cloud caching to provide high availability and download performance. 

For more information visit


Securing the Edge and Connected Devices with FDO: an Authenticate Virtual Summit

Join Dell, IBM, Intel, Red Hat and more for education and guidance on leveraging FIDO…

Read More →

Blog: FIDO Alliance Publishes Guidance for U.S. Government Agency Deployment of FIDO Authentication

The U.S. government has embraced FIDO authentication, and is now looking for further guidance around…

Read More →

FIDO Alliance Releases Guidelines for Optimizing User Experiences with FIDO Security Keys

New guidelines aim to accelerate multi-factor authentication deployment and adoption with FIDO security keys Identiverse, Denver,…

Read More →