FIDO Certification is currently available for UAF 1.0, and U2F 1.0 and 1.1 Specifications for Server, Client, and Authenticator implementations. For U2F, the transport may be Bluetooth Low Energy, NFC, or USB.
All implementations completing the FIDO Certification process are required to pass Functional Certification requirements, including Conformance Self-Validation and Interoperability Testing.
Note that Authenticators, as the key to FIDO security, are able to certify to different levels. Higher levels provide higher assurance of security and privacy. Currently Level 1 and Level 2 are available, see Authenticator Certification Levels for more information. Additional process steps are required for L1 and L2 Certification after Functional requirements are met.
Supported Specification Versions
Certification is always available for the latest version of a FIDO Specification.
The Certification Availability date is the first day Certification is available, and the Sunset Date is the day that Certification will no longer be available. Sunset dates are assigned when a new version of a specification family is available for Certification. For Servers the period between certification availability of the new version and the sunset date of the previous version is 6 months, and for Clients and Authenticators is 18 months.
Certification is currently supported for the following specification versions:
|Specification||Implementation Class||Version||Certification Availability Date||Sunset Date|
Functional Certification Policy Versions
The following table includes links to the current and previous versions of the Functional Certification Policy.
When the policy document is updated, changes are mandatory for new certifications 18 months after the publication date for major versions, and 90 days after the publication date for minor versions.
Active versions indicate the versions currently available for Certification.
|Policy Version||Publication Date||Mandatory for New Certifications Date||Version Summary|
|1.3.2||2017-07-27||2018-11-23 – Active||Added a step to the Revocation process which requires approval from the Board Certification Committee prior to revoking a Certification.|
(Replaced by v1.3.2)
|Added the option to list multiple Derivatives on one Certification Request as long as they are from the same Base Certificate. Added Revocation section within Certification Issuance. Removed of some L1 Interoperability Requirements as decided by SRWG.|
(Replaced by v1.3.2)
|Changes to support Authenticator Certification Levels. New Requirement for Authenticators to complete L1 or L2 Certification.|
|1.2.5||2017-03-09||2017-06-07 – Active||Transport Certification requirements updated from Mandatory to Optional.|
|1.2.4||2017-02-07||2017-05-08||Clarified that Derivatives are bound to the Functional Certification Policy for which the original (base) certification was certified against.|
|1.2.3||2016-12-01||2017-03-01||Added the requirement for U2F Authenticators to submit Metadata.|
|1.2.2||2016-09-08||2016-12-07||Added the requirement for Derivatives to complete Conformance Self-Validation Testing.|
|1.2.1||2016-07-28||2016-10-26||Added Specification Version Retirement and Certification Version Maintenance sections.|
|1.2.0||2016-05-18||2016-08-16||Added the option for On Demand Interoperability Testing.|
|1.1.1||2016-03-17||2016-06-15||Deprecation of FIDO ReadyTM, Non-Member Access Agreement and Fee removed, changes to support Interoperability Events with a high number of attendees. Vendor Self-Assertion checklist added as a Certification Request requirement.|
|1.1.0||2015-09-03||2015-12-02||Minor program clarifications.|
Authenticator Certification Policy Versions
The following table includes links to the current and previous versions of the Authenticator Certification Policy.
|Policy Version||Publication Date||Active Date||Version Summary|
|1.0.0||2017-05-23||2017-05-23 – Active||Initial version for FIDO Authenticator Certification Levels|