FIDO 1.0 Specifications are Published and Final Preparing for Broad Industry Adoption of Strong Authentication in 2015
Mountain View, CA – December 9, 2014 The FIDO (Fast IDentity Online) Alliance (http://fidoalliance.org/), an open industry consortium delivering standards for simpler, stronger authentication, today published final 1.0 drafts of its two specifications – Universal Authentication Framework (UAF) and Universal 2nd Factor (U2F). Members of the FIDO Alliance comprise device manufacturers, online service providers and enterprises, who can now implement and broadly commercialize FIDO 1.0 specifications to make authentication simpler and stronger for all.
“Today, we celebrate an achievement that will define the point at which the old world order of passwords and PINs started to wither and die,” said Michael Barrett, president of the FIDO Alliance. “FIDO Alliance pioneers can forever lay claim to ushering in the ‘post password’ era, which is already revealing new dimensions in Internet services and digital commerce.”
The specifications outline a new standard for devices, servers and client software, including browsers, browser plugins, and native app subsystems. Any website or cloud application can interface with a broad variety of existing and future FIDOenabled authenticators, ranging from biometrics to hardware tokens, to be used by consumers, enterprises, service providers, governments and organizations of all types.
Keeping with the FIDO Alliance mission, both specifications are unencumbered by FIDO member patents. Members are free to implement and market solutions around FIDOenabled strong authentication, and nonmembers are free to deploy those solutions. As previously announced, current implementations available in the market include those from
Nok Nok Labs, Synaptics, Alibaba, PayPal, Samsung, Google,Yubico and PlugUp.
While the core 1.0 specifications are final, the FIDO Alliance is nearing completion of extensions that will incorporate Near Field Communications (NFC) and Bluetooth into the range of FIDO capabilities. Continuing evolution of the specifications based on new requirements and/or deployment experience will help ensure ongoing alignment of FIDO standards with demands in the consumer devices, online services and enterprise markets.
“The fact that the FIDO Alliance was able to develop complete specifications so quickly and with such broad support is evidence that they are tackling a pervasive industry pain point,” said Steve Wilson, Vice President and Principal Consultant at Constellation Research. “No consortium in the identity management (IdM) industry has every grown so fast, with such strong representation from the technology buy side. What’s most impressive is the FIDO Alliance’s
focus on the authentication plumbing. The protocols enable trusted client devices to trade just the right data about their users. FIDO specifications aren’t tangled up in messy identity policy decisions. It’s an elegant breakthrough, and, going forward, it should drive a lot of the classic complexity out of the IdM space.”
“Our members’ determination, cooperation and tireless perseverance have delivered this landmark accomplishment in less than two years from announcing the FIDO Alliance and its goal to develop industry open standards for interoperable, privacyrespecting strong authentication,” said Brett McDowell, executive director of the FIDO Alliance. “I applaud and congratulate the members of the FIDO Alliance on these accomplishments, and look forward to our continued collective effort to bring FIDOenabled experiences to the global marketplace in 2015 and beyond.”
About The FIDO Alliance
The FIDO (Fast IDentity Online) Alliance, www.fidoalliance.org, was formed in July 2012 to address the lack of interoperability among strong authentication technologies, and remedy the problems users face with creating and remembering multiple usernames and passwords. The Alliance plans to change the nature of authentication by developing standardsbased specifications for simpler, stronger authentication that define an open, scalable, interoperable set of mechanisms that reduce reliance on passwords. FIDO authentication is stronger, private, and easier to use when authenticating to online services.
The FIDO Alliance Board of Directors includes leading global organizations:
Alibaba Holdings(NYSE: BABA); ARM Holdings plc (LSE: ARM and NASDAQ: ARMH);Bank of America Corporation (NYSE:BAC);BlackBerry®; CrucialTec
(KRX: 114120); Discover Financial Services (NYSE: DFS); Google; IdentityX ;Lenovo ; MasterCard(NYSE: MA); Microsoft(Nasdaq “MSFT”); Nok Nok Labs, Inc.; NXP Semiconductors N.V.(NASDAQ:NXPI); Oberthur Technologies OT;PayPal (NASDAQ:EBAY); Qualcomm, Inc.(Nasdaq: QCOM); RSA®; Samsung Electronics, Ltd(KOSCOM: SECL); Synaptics(NASDAQ: SYNA); Visa Inc. (NYSE: V); Yubico.
for FIDO Alliance
An Update from FIDO Alliance on Authenticate Conference
Authenticate Event Team Authenticate, the inaugural FIDO conference, will be...March 27, 2020
Financial Action Task Force Guidance Points to FIDO as Preferred Approach to Combat Authentication Vulnerabilities
This month, the Financial Action Task Force (FATF) released its...March 18, 2020
Agenda Announced for Authenticate 2020, the First FIDO Conference
Note: Authenticate, the inaugural FIDO conference, has been postponed from...February 26, 2020