Gemini

Gemini is a cryptocurrency exchange and custodian, founded by Tyler and Cameron Winklevoss in 2014. Gemini enables its users to buy, sell and store cryptocurrency assets via both a website and mobile apps.

The Challenge / Use Case

As a financial services vendor in a space that is highly targeted by criminals, Gemini has a paramount need for strong authentication.

Gemini’s security efforts are led by Chief Security Officer Dave Damato, who is no stranger to the security industry and previously worked at security incident response firm Mandiant.

“So much of my career has been really focused on preventing and responding to incidents, and strong two-factor authentication is at the core of preventing most of those attacks,” Damato said (in a session at the Authenticate Financial Services Summit). “It’s also why I’m so very enthusiastic about FIDO.”

How Gemini Uses FIDO To Secure Its Users

Gemini wanted to provide its users with the strongest level of authentication security to help minimize risk.

While an SMS-based two-factor approach can be better than just a username and password, given the high value of a Gemini account, attackers might well go through the steps necessary to bypass SMS two-factor. In 2019, Gemini began offering its customers the highest level of security possible by starting to support the FIDO2 authentication standard.

“FIDO2 is designed to overcome challenges and dramatically increase the cost for an attacker,” Damato said. “There’s no password that can be shared by our customers and that’s why FIDO2 is phishing resistant.”

Benefits

For Gemini, the use of FIDO2 provides a series of tangible risk mitigation benefits that help to reduce the attack surface. Instead of needing to rely on a One-Time Password (OTP), SMS or backup codes, Gemini users can benefit from a more user-friendly FIDO2-powered experience.

Among the most common types of attack is credential stuffing, where an attacker takes passwords lost or stolen from one site and re-uses or ‘stuffs’ them into another. With FIDO, that risk is minimized for Gemini. Since FIDO strong authentication is based on cryptography and not a shared secret, even if a user reuses a password, the deployment of FIDO will minimize the risk significantly.

“The benefit to me as a company is that I don’t actually have to store, manage credentials or worry about other breaches, where credentials have been stolen,” Damato said.
