First FIDO UAF 1.1 Implementations Ease Deployment of Advanced Biometric Authentication on Android Devices
Sony Mobile Xperia™ smartphones from NTT DOCOMO are first devices to market
TOKYO, DECEMBER 8, 2017 – The FIDO Alliance, an industry consortium with 250+ member and partner organizations developing open standards for simpler, stronger authentication, announced today that the first FIDOⓇ Certified implementations of the FIDO UAF 1.1 specification are now available to ease deployment of FIDO Authentication on Android devices.
The first certified implementation of FIDO UAF 1.1 is from NTT DOCOMO, INC. for its d ACCOUNT™ application, available today on Xperia XZ1 (SO-01K) and Xperia XZ1 Compact (SO-02K) devices. This implementation utilizes a server from Nok Nok Labs, the first such implementation of FIDO UAF 1.1.
DOCOMO’s implementation leverages FIDO UAF 1.1’s support of new key attestation capabilities in Google’s latest mobile device operating system. This support enables any developer and/or service provider to create FIDO applications by integrating directly with Android APIs on any Android devices that support key attestation and fingerprint biometrics. This critical enhancement brings substantial time and cost savings over past implementations that required custom integration for each device model to enable FIDO UAF authentication capabilities.
“This first implementation of FIDO UAF 1.1 from DOCOMO showcases an important enhancement to the FIDO UAF specification: support for key attestation in Android 8.0. This means that the ability to build applications with FIDO Authentication is now openly available for all developers and service providers on any Android 8.0 device going forward – no customization needed,” said Brett McDowell, executive director of the FIDO Alliance. “This will be an accelerator of FIDO Certified apps on Android, not only in Asia where we have always seen a lot of first mover adoption, but everywhere app developers wish to offer users secure biometrics to replace passwords in a privacy-respecting manner.”
All FIDO specifications utilize public key cryptography and easy, single-gesture user experiences to provide authentication that is simpler and stronger than passwords, OTPs and other current forms of consumer authentication. The FIDO UAF specification provides a passwordless experience, most commonly through usage of biometrics. For more information on FIDO Authentication, visit http://fidoalliance.org/what-is-fido.
d ACCOUNT is a trademark of NTT DOCOMO, INC.
About the FIDO Alliance
The FIDO (Fast IDentity Online) Alliance, www.fidoalliance.org, was formed in July 2012 to address the lack of interoperability among strong authentication technologies, and remedy the problems users face with creating and remembering multiple usernames and passwords. The FIDO Alliance is changing the nature of authentication with standards for simpler, stronger authentication that define an open, scalable, interoperable set of mechanisms that reduce reliance on passwords. FIDO authentication is stronger, private, and easier to use when authenticating to online services.
The Verge: You can now sign into a Microsoft Account without a password using a security key
Microsoft is the first company to support passwordless authentication using...November 20, 2018
Bank Info Security: State of the Authentication Landscape
In this Bank Info Security article, Shane Weeden, an authentication...November 6, 2018
Tech Target: How can U2F authentication end phishing attacks?
Tech Target reports on Google’s adoption of FIDO U2F security...November 5, 2018