Yuriy Ackermann, Sr. Certification Engineer, FIDO Alliance

The FIDO Alliance is  pleased to announce the release of the FIDO U2F version 1.2 specification. This update has been published as a “Proposed Standard” and comes after several months of work by FIDO members. The changes include:

  • Improvements to JavaScript and MessagePort APIs
  • U2F metadata statement support
  • Attestation Certificate X.509 Transport extension added
  • Silent-authentication mode added
  • Various fixes and editorial updates

Silent authenticator support is the highlight feature of this update.  It is particularly useful to FIDO-based federated solutions that need silent mode for “bearer token” like authentication modes. The major advantage of FIDO-based solutions is that key material cannot be compromised. Since FIDO protocols are based on digital signatures, and the private key is stored generally in secure enclaves, federated identity schemes can use the authenticator as an unrecoverable bearer token, and not worry about cross-site scripting (XSS) and malware on the client side.

With added support for Metadata Statements, vendors now can register FIDO U2F authenticators with a metadata service. This is particularly useful for service providers  who would want to restrict the types of the authenticators they accept. For example, a service provider may  only allow  FIDO Certified authenticators, or it may be required by regulation to only accept government-approved authenticators supporting particular protocols or certifications, such as FIPS, CSPN, AFSCM and others.

Another interesting feature is FIDO U2F X.509 Transport Extension. This gives service providers a better picture of the types of authenticators the user has, which helps improve the user experience.

Other changes include improved JavaScript API (JSAPI), U2FHID ISO enhancements, and forward compatibility with FIDO2.

For a detailed overview refer to our extended overview blog; “FIDO TechNote: A Detailed Look at FIDO U2F v1.2

 


More

FIDO APAC Summit 2024: Unlocking a Secure Tomorrow by Accelerating the Future of Authentication in Asia-Pacific

Building on the success of last year’s summit in Vietnam, the FIDO APAC Summit 2024…

Read More →

Passkeys Hackathon Tokyo: A Showcase of Innovation and Excellence

By Atsuhiro Tsuchiya, APAC Market Development Sr. Manager In June, Google and the FIDO Alliance…

Read More →

Bias in Biometrics: How Organizations Can Launch Remote Identity Verification Confidently

Most of us today are accustomed to unlocking our smartphones with a simple glance or…

Read More →