According to NIST Special Publication DRAFT 800-63-B4, a phishing-resistant authenticator offers “the ability of the authentication protocol to detect and prevent disclosure of authentication secrets and valid authenticator outputs to an impostor relying party without reliance on the vigilance of the subscriber.” Two examples of phishing-resistant authenticators are PIV cards for US Federal employees and FIDO authenticators paired with W3C’s Web Authentication API for the private sector.


More

Biometric Update: Yubico hackathon to preview YubiKey 5.8 support for next-generation passkeys

Yubico will host a virtual developer hackathon for the FIDO Alliance developer community on August 5…

Read More →

PYMNTS: Mastercard Wants to Teach AI Agents How to Spend

For nearly 60 years, Mastercard has answered one question over and over. How do you get two…

Read More →

Biometric Update: EMVCo proposes global schema for verifiable digital payment credentials

EMVCo has put a draft framework out for consultation that aims to bring verifiable digital credentials…

Read More →


Subscribe to the FIDO newsletter

Stay Connected, Stay Engaged

Receive the latest news, events, research and implementation guidance from the FIDO Alliance. Learn about digital identity and fast, phishing-resistant authentication with passkeys.