Certification Submission

After passing both conformance self‐validation and interoperability testing, the implementation may be submitted for certification. This requires that the following be submitted:

Please note that they may take up to 10 business days to process.

Derivative Certification

For Consumer Electronics OEMs or other implementers that will be certifying a large number of implementations that are all based on the same FIDO® Certified implementation, FIDO offers derivative certification. The benefit of derivative certification is that the implementations are not required to go through interoperability testing and each derivative certification is subject to a lower fee than base certifications.

The requirement for derivative certification is that each derivative must have the same FIDO implementation and configuration as a certified implementation. Any hardware and software that play a significant role in the FIDO implementation must not be changed, with the exception of critical bug fixes and security patches. There is currently no requirement that the derivative and base certification be registered by the same company.

Derivative Scenarios

The following scenarios are designed to help determine whether an implementation qualifies for a Derivative Certification.

Implementation Derivative?
Company B Using a FIDO® Certified SDK from Company A Yes
Company B Using a FIDO® Certified hardware module with FIDO software burned into it from Company A Yes
Mobile Phone that is FIDO® Certified releases a new model Yes
Mobile Phone that is FIDO® Certified has several variations (e.g. different colors, 32GB, 64 GB) No. Variations that do not alter the implementation are covered under original certification.
Website using a FIDO enabled authentication based on a FIDO® Certified server component licensed from another company Yes
Company with FIDO® Certified implementation [New Product 1.0] introduces a new product[New Product 1.0.1] that is the same as the previous implementation, except that is fixes some typos, fixes some bugs, and applies new security patches No. Product is functionally the same and does not require new certification or derivative certification.
Company with FIDO® Certified implementation [New Product 1.0.1] introduces new product [New Product 1.1] that adds some features unrelated to FIDO No. Product is functionally the same and does not require new certification or derivative certification.
Company with FIDO® Certified implementation [New Product 1.1] introduces new product [New Product 2.0] that is different from New Product 1.1, but the FIDO components have remained unchanged Yes
Company with FIDO® Certified implementation [New Product 2.0] introduces New Product 3.0 that adds/removes/modified FIDO functionality No. Product must undergo the full certification process and receive a new certificate.

Bulk Derivative (Optional)

More than one Derivative may be submitted using the Certification Registration Form, as long as the following requirements are met:

  • All Derivatives must be from the same Base Certificate.
  • At least one of the Derivatives in each Certification Registration Form must complete the Derivative Test Plan (including passing Conformance Self-Validation Testing). The Derivative that meets this requirement should be the information filled out in the form.
  • For the remaining Derivatives being submitted, the Vendor must complete the Bulk Derivative Template (provided in Excel) and upload as the Bulk Derivative Submission in the Certification Registration Form.
  • The information for Derivative that has completed the Derivative Test Plan must not be duplicated in the Bulk Derivative Submission.

By uploading the Bulk Derivative Submission, the Vendor is self-attesting that the Derivatives listed in the form and the Bulk Derivative Submission do not change FIDO functionality and could meet the requirements outlined in the Derivative Test Plan.

Submitting a Derivative Certification Request

When registering for a Derivative Certification, the Base Certification Certificate number must be submitted along with Derivative Test Plan Results. The Derivative Test Plan Results are intended to show that the FIDO implementation has gone through at least a minimal amount of testing to ensure that the implementation is correct and functional.

The following are required as part of the Derivative FIDO Certification submission:

Relying Party Logo Usage

Relying Parties using FIDO® Certified Servers are invited to use the appropriate UAF and U2F FIDO logos with their services. By using the FIDO Logos, Relying Parties agree to abide by the terms for Relying Party Logo Usage. The UAF logos can be found here, and the U2F logos can be found here.

FIDO Certification Fees

Fees are per implementation certified and must be paid before a Certificate will be issued.

For an overview of the different Authenticator Certification options and fees, please review the Authenticator Certification Scenarios page.

For an overview of the Biometric Certification program, please go to the Biometric Certification Program page.

FIDO Certification Fees FIDO Member Non-Member
Functional Certification Fee $5,000 USD $6,500 USD
Authenticator Level 1 (L1) Certification Fee Free* Free*
Authenticator Levels 2 and higher Certification Fee $7,500 USD $13,000 USD
Derivative Certification Fee $500 USD $750 USD
Derivative Certification (Bulk) Fee $5,000 USD** $7,500 USD**
Delta Certification Fee $500 USD $750 USD

Biometric Certification Fees FIDO Member Non-Member
Biometric Certification Fees $10,000 USD $13,000 USD

* Authenticators completing L1 are required to pay the Functional Certification Fee, there is no additional fee for L1 Certification.

** The Bulk Derivative Certification Fee is paid prior to the issuance of the first Derivative Certificates from a Bulk Derivative Request and covers all Bulk Derivative Requests submitted for the following 12 months.