Device Onboarding Overview

The FIDO Alliance’s FIDO Device Onboard (FDO) specification is an automatic device onboarding protocol for edge nodes and IoT devices.

Device onboarding is the process of installing secrets and configuration data into a device to enable it to connect and interact securely with cloud and edge device management platforms. Owners can then manage devices using the platform to patch security vulnerabilities, install or update software, retrieve sensor data, interact with actuators, etc.

What is the FIDO Device Onboard (FDO) standard?

FIDO Device Onboard (FDO) enables IoT and Edge device onboarding at scale and provides a comprehensive authentication framework for distributed devices in keeping with the fundamental mission of the FIDO Alliance – passwordless authentication. Built on industry expertise, FDO delivers a zero-touch, zero-trust onboarding solution while providing hardware flexibility and late binding.

How FDO Works

The graphic below shows an FDO device moving through the supply chain lifecycle from manufacture to deployment with zero-touch provisioning in the client’s environment.

Visit the Download FDO Specifications web page to download the FDO specifications.

FDO Benefits

FDO offers a mechanism to automate device onboarding while meeting zero-trust and supply chain requirements. IT and Operations teams can quickly deploy edge and connected IoT devices at scale, while security teams can cryptographically verify device ownership and authenticate the devices. The benefits gained from an FDO deployment include increased efficiency, supply chain risk management, and zero-touch, secure device onboarding at scale. FDO can run on a wide range of processors and operating systems.

FDO Application areas

  • Industrial applications such as discrete and process automation
  • Healthcare
  • Retail 
  • Enterprise 

Late Binding of Devices

Unlike many ‘zero-touch’ onboarding solutions, FDO doesn’t require that each device is pre-programmed specifically for its target end user or management platform. Instead, FDO uses a digital proof of ownership called the ‘Ownership Voucher’ to allow the owner to ‘prove’ that they are the rightful owner of the device. This allows all devices to be manufactured in an identical fashion and then be ‘late bound’ to the chosen management platform. This reduces device SKUs and simplifies the manufacturing flow.

Certification

The FIDO Alliance offers a comprehensive FDO certification program so that users can purchase FDO-enabled products with confidence that they meet the FDO specification, have passed security requirements, and have been tested for interoperability.
