The FIDO Alliance is involved in three areas to work towards achieving its mission to reduce the world’s reliance on passwords to better secure the web: user authentication; identity verification and binding; and the Internet of Things (IoT). The work areas address essential aspects of the digital identity lifecycle management including identity verification for initial account onboarding and account recovery and user and device authentication.
Identity Verification and Binding
FIDO Authentication has been proven to protect against account takeover through phishing and other credential-based attacks. For accounts protected with FIDO Authentication, the account recovery process when a FIDO device is lost or stolen becomes critical to maintaining the integrity of the user’s account. Validating a user’s identity with high assurance is an important aspect of this process, as well as for account onboarding processes, meeting Know Your Customer (KYC) and Anti-Money Laundering (AML) requirements.
Strengthening identity verification assurance
Through its Identity Verification and Binding Working Group (IDWG), the FIDO Alliance aims to strengthen identity verification assurance to support better and more secure account recovery.
The FIDO Alliance has identified newer remote, possession-based techniques including biometric “selfie” matching and government-issued identity document authentication as having the potential to greatly improve the quality of identity assurance for new account onboarding and account recovery. The Alliance has also determined a market need for authoritative guidance, performance evaluation and certifications for their use. The IDWG will define criteria for remote identity verification and develop a certification program and educational materials to support the adoption of that criteria.
Learn more about the FIDO Alliance Working Groups carrying out the work of the FIDO Alliance.