FIDO Authentication
A Passwordless Vision
The industry’s answer to the password problem
The FIDO Alliance developed FIDO Authentication standards based on public key cryptography for authentication that is more secure than passwords and SMS OTPs, simpler for consumers to use, and easier for service providers to deploy and manage. FIDO Authentication enables password-only logins to be replaced with secure and fast login experiences across websites and apps.
Enabling a fundamental shift to phishing-resistant authentication
From legacy, knowledge-based credentialing
To modern, possession-based credentialing
- Stored on a server
- SMS OTP
- KBA
- Passwords
- On-device (never on a server)
- Local Biometric / PIN
- DocAuth
- Multi-device FIDO credentials
What is FIDO2?
FIDO2 enables users to leverage common devices to easily authenticate to online services in both mobile and desktop environments.
The FIDO2 specifications are the World Wide Web Consortium’s (W3C) Web Authentication (WebAuthn) specification and FIDO Alliance’s corresponding Client-to-Authenticator Protocol (CTAP).
Benefits of FIDO Authentication
Security
FIDO2 cryptographic login credentials are unique across every website, never leave the user’s device and are never stored on a server. This security model eliminates the risks of phishing, all forms of password theft and replay attacks.
Convenience
Users unlock cryptographic login credentials with simple built-in methods such as fingerprint readers or cameras on their devices, or by leveraging easy-to-use FIDO security keys. Consumers can select the device that best fits their needs.
Privacy
Because FIDO cryptographic keys are unique for each internet site, they cannot be used to track users across sites. Plus, biometric data, when used, never leaves the user’s device.
Scalability
Websites can enable FIDO2 through a simple JavaScript API call that is supported across leading browsers and platforms on billions of devices consumers use every day.
