LANGUAGE
  • 日本語
  • 한국어
  • 简体中文
  • English
  • What is FIDO?
  • Specifications
  • FAQ’s
  • Knowledge Base
  • Join
FIDO Alliance
  • The Alliance
    About FIDO Alliance
    • Alliance Overview
    • History of FIDO Alliance
    • FIDO Leadership
    • Legal & Logo Usage
    • Code of Conduct
    • Contact Us
    Our Membership
    • FIDO Members
    • Liaison Partners
    • Working Groups
    • Committees and Study Groups
    Join FIDO Alliance
    • Membership Benefits
    • Membership Application
    Newsletter Sign-Up
    FIDO Explained
  • Standards & Technology
    Work Areas
    • FIDO Authentication
    • Identity Verification & Binding
    • Device Onboarding
    FIDO Authentication
    • How FIDO Works
    • Passkeys
    • FIDO2
    • FIDO Alliance Metadata Service
    • FIDO Privacy Principles
    • FIDO Design System
    • FIDO UX Guidelines
    Specifications
    • User Authentication Specifications Overview
    • Download Authentication Specifications
    • Device Onboarding Overview
    • Download IoT Specifications
    Developers
    • Getting Started
    • Developer Resources
    • FIDO Developer Challenge 2022 – India
  • Discover FIDO
    Getting Started Knowledge Base
    • Intro to FIDO
    • Building the Business Case
    • Buying, Building & Partnering
    • Implementation & Deployment
    Adoption
    • FIDO Case Studies
    • Market Solutions
    • Government & Public Policy
    • PSD2 Compliance
    • Deployment Showcase
    • FIDO Government Deployments and Recognitions
    • FIDO in the Enterprise
    Resources
    Showcase
    Research
    Videos
    White Papers
    Presentations
    FAQ
  • FIDO® Certified
    FIDO Certification Programs
    • FIDO Certified Professional Program
    • FIDO Device Onboard (FDO)
    • Functional Certification
    • Authenticator Certification
    • Biometric Component Certification
    • Document Authenticity (Doc Auth)
    • Certification Maintenance and Updates
    Get Certified
    • Certification Overview
    • Certification Registration
    • Certification Fees
    • Secretariat
    • TMLA
    Certified Products
    • FIDO® Certified Products
    • FIDO Certified Showcase
  • News & Events
    Latest Updates
    • FIDO News Center
    • Events Calendar
    • FIDO in the News
    • Press Center
  • What is FIDO?
  • Specifications
  • FAQ’s
  • Knowledge Base
  • Join
Language
  • 日本語
  • 한국어
  • 简体中文
  • English
search
  • FIDO Authentication
    • How FIDO Works
    • Passkeys
    • FIDO2
    • FIDO Alliance Metadata Service
    • FIDO Privacy Principles
    • FIDO Design System
    • FIDO UX Guidelines
    • Download Specifications >
    1. Home 
    2. How FIDO Works

    How FIDO Works

    The FIDO protocols use standard public key cryptography techniques to provide stronger authentication. During registration with an online service, the user’s client device creates a new key pair. It retains the private key and registers the public key with the online service. Authentication is done by the client device proving possession of the private key to the service by signing a challenge. The client’s private keys can be used only after they are unlocked locally on the device by the user. The local unlock is accomplished by a user–friendly and secure action such as swiping a finger, entering a PIN, speaking into a microphone, inserting a second–factor device or pressing a button.

    The FIDO protocols are designed from the ground up to protect user privacy. The protocols do not provide information that can be used by different online services to collaborate and track a user across the services. Biometric information, if used, never leaves the user’s device.

    FIDO Registration

    graphic_Registration

    Registration:

    • User is prompted to choose an available FIDO authenticator that matches the online service’s acceptance policy.
    • User unlocks the FIDO authenticator using a fingerprint reader, a button on a second–factor device, securely–entered PIN or other method.
    • User’s device creates a new public/private key pair unique for the local device, online service and user’s account.
    • Public key is sent to the online service and associated with the user’s account. The private key and any information about the local authentication method (such as biometric measurements or templates) never leave the local device.

    FIDO Login

    graphic_Login

    Login:

    • Online service challenges the user to login with a previously registered device that matches the service’s acceptance policy.
    • User unlocks the FIDO authenticator using the same method as at Registration time.
    • Device uses the user’s account identifier provided by the service to select the correct key and sign the service’s challenge.
    • Client device sends the signed challenge back to the service, which verifies it with the stored public key and logs in the user.
    FIDO Alliance
    • What is FIDO?
    • How FIDO Works
    • FIDO2
    • Alliance Overview
    • Terms of Use
    • User Authentication Specifications Overview
    • Certification Overview
    • Knowledge Base
    • Press Center
    • Privacy Policy

    Join the Community

    Get the Latest Updates Participate in FIDO-Dev Forum

    Categories

    • Announcements
    • Building the Business Case
    • Buying, Building & Partnering
    • FIDO in the News
    • Implementation & Deployment
    • Intro to FIDO
    • Market Research
    • Perspectives
    • Uncategorized
    How FIDO Works

    Document Authenticity (DocAuth) Certification Program for Remote Identity Verification

    • Introduction
    • Certification Process Overview
    • Certification Fees
    • Accredited Labs
    • Get Certified
    • Resource Documentation
    Sign up for updates!Get news from FIDO Alliance in your inbox.

    By submitting this form, you are consenting to receive communications from: FIDO Alliance, 3855 SW 153rd Drive, Beaverton, OR 97003, US, http://www.fidoalliance.org. You can revoke your consent to receive emails at any time by using the unsubscribe link found at the bottom of every email.

    First Name
    Last Name
    Email
    Country
    Company
    Job Title
    • 日本語
    • 한국어
    • 简体中文
    • English