According to NIST Special Publication DRAFT 800-63-B4, a phishing-resistant authenticator offers “the ability of the authentication protocol to detect and prevent disclosure of authentication secrets and valid authenticator outputs to an impostor relying party without reliance on the vigilance of the subscriber.” Two examples of phishing-resistant authenticators are PIV cards for US Federal employees and FIDO authenticators paired with W3C’s Web Authentication API for the private sector.


More

FindBiometrics: FIDO Gets High-Profile Endorsements at RSA 2017

FindBiometric shares highlights on FIDO from RSA 2017, including a summary of the FIDO Alliance’s…

Read More →

InfoWorld: RSA Conference preview: The agenda can’t keep up

InfoWorld looks at the hottest long-running themes for the 2017 RSA Conference, including “security foundations”…

Read More →

The Hill: Securing government infrastructure with biometrics

This story from The Hill shares how open standards such as FIDO authentication can improve…

Read More →