According to NIST Special Publication DRAFT 800-63-B4, a phishing-resistant authenticator offers “the ability of the authentication protocol to detect and prevent disclosure of authentication secrets and valid authenticator outputs to an impostor relying party without reliance on the vigilance of the subscriber.” Two examples of phishing-resistant authenticators are PIV cards for US Federal employees and FIDO authenticators paired with W3C’s Web Authentication API for the private sector.
More FIDO in the News
FindBiometrics: FIDO Heralds Increasing Prominence of its Standards in Mobile Sector
In this article, FindBometrics reports on how the FIDO Alliance is heralding the increasing prominence…
FindBiometrics: FIDO Gets High-Profile Endorsements at RSA 2017
FindBiometric shares highlights on FIDO from RSA 2017, including a summary of the FIDO Alliance’s…
InfoWorld: RSA Conference preview: The agenda can’t keep up
InfoWorld looks at the hottest long-running themes for the 2017 RSA Conference, including “security foundations”…
