LANGUAGE
  • 日本語
  • 한국어
  • 简体中文
  • English
  • What is FIDO?
  • Specifications
  • FAQ’s
  • Knowledge Base
  • Join
FIDO Alliance
  • The Alliance
    About FIDO Alliance
    • Alliance Overview
    • History of FIDO Alliance
    • FIDO Leadership
    • Legal & Logo Usage
    • Code of Conduct
    • Contact Us
    Our Membership
    • FIDO Members
    • Liaison Partners
    • Working Groups
    • Committees and Study Groups
    Join FIDO Alliance
    • Membership Benefits
    • Membership Application
    Newsletter Sign-Up
    FIDO Explained
  • Standards & Technology
    Work Areas
    • FIDO Authentication
    • Identity Verification & Binding
    • Device Onboarding
    FIDO Authentication
    • How FIDO Works
    • Passkeys
    • FIDO2
    • FIDO Alliance Metadata Service
    • FIDO Privacy Principles
    • FIDO Design System
    • FIDO UX Guidelines
    Specifications
    • User Authentication Specifications Overview
    • Download Authentication Specifications
    • Device Onboarding Overview
    • Download IoT Specifications
    Developers
    • Getting Started
    • Developer Resources
    • FIDO Developer Challenge 2022 – India
  • Discover FIDO
    Getting Started Knowledge Base
    • Intro to FIDO
    • Building the Business Case
    • Buying, Building & Partnering
    • Implementation & Deployment
    Adoption
    • FIDO Case Studies
    • Market Solutions
    • Government & Public Policy
    • PSD2 Compliance
    • Deployment Showcase
    • FIDO Government Deployments and Recognitions
    • FIDO in the Enterprise
    Resources
    Showcase
    Research
    Videos
    White Papers
    Presentations
    FAQ
  • FIDO® Certified
    FIDO Certification Programs
    • FIDO Certified Professional Program
    • FIDO Device Onboard (FDO)
    • Functional Certification
    • Authenticator Certification
    • Biometric Component Certification
    • Document Authenticity (Doc Auth)
    • Certification Maintenance and Updates
    Get Certified
    • Certification Overview
    • Certification Registration
    • Certification Fees
    • Secretariat
    • TMLA
    Certified Products
    • FIDO® Certified Products
    • FIDO Certified Showcase
  • News & Events
    Latest Updates
    • FIDO News Center
    • Events Calendar
    • FIDO in the News
    • Press Center
  • What is FIDO?
  • Specifications
  • FAQ’s
  • Knowledge Base
  • Join
Language
  • 日本語
  • 한국어
  • 简体中文
  • English
search
  • Specifications
    • User Authentication Specifications Overview
    • Download Authentication Specifications
    • Device Onboarding Overview
    • Download IoT Specifications
    1. Home 
    2. User Authentication Specifications Overview

    User Authentication Specifications Overview

    The FIDO Alliance has published three sets of specifications for simpler, stronger user authentication: FIDO Universal Second Factor (FIDO U2F), FIDO Universal Authentication Framework (FIDO UAF) and the Client to Authenticator Protocols (CTAP). CTAP is complementary to the W3C’s Web Authentication (WebAuthn) specification; together, they are known as FIDO2.

    All FIDO protocols are based on public key cryptography and are strongly resistant to phishing (for more information, see How FIDO Works). They provide for a wide range of use cases and deployment scenarios.

    Read the technical specifications on the specifications download page.

    In addition to meeting the technical requirements, the FIDO Alliance developed further security requirements that need to be implemented to enhance the security assurance of each device. These requirements are covered in the Authenticator Certification program found on the Certified Authenticator Levels page. 

    FIDO2

    FIDO2 is comprised of the W3C Web Authentication specification and corresponding Client-to-Authenticator Protocols (CTAP) from the FIDO Alliance. FIDO2 supports passwordless, second-factor and multi-factor user experiences with embedded (or bound) authenticators (such as biometrics or PINs) or external (or roaming) authenticators (such as FIDO Security Keys, mobile devices, wearables, etc.).   

    FIDO2

    The specifications within FIDO2 are:

    W3C WebAuthn

    WebAuthn defines a standard web API that is being built into browsers and platforms to enable support for FIDO Authentication.

    CTAP2

    CTAP2 allows the use of external authenticators (FIDO Security Keys, mobile devices) for authentication on FIDO2-enabled browsers and operating systems over USB, NFC, or BLE for a passwordless, second-factor or multi-factor authentication experience.

    CTAP1

    The new name for FIDO U2F, CTAP1 allows the use of existing FIDO U2F devices (such as FIDO Security Keys) for authentication on FIDO2-enabled browsers and operating systems over USB, NFC, or BLE  for a second-factor experience.

    FIDO UAF

    FIDO UAF supports a passwordless experience. WIth FIDO UAF, the user carries a device with a FIDO UAF stack installed. They can then register their device to the online service by selecting a local authentication mechanism such as swiping a finger, looking at the camera, speaking into the mic, entering a PIN, etc. The FIDO UAF protocol allows the service to select which mechanisms are presented to the user.

    FIDO UAF - Passwordless Experience

    Once registered, the user simply repeats the local authentication action whenever they need to authenticate to the service. The user no longer needs to enter their password when authenticating from that device. FIDO UAF also allows experiences that combine multiple authentication mechanisms such as fingerprint + PIN.

    FIDO U2F

    FIDO U2F supports a second-factor experience. FIDO U2F allows online services to augment the security of their existing password infrastructure by adding a strong second factor to user login. The user logs in with a username and password as before. The service can also prompt the user to present a second factor device (such as a FIDO Security Key) at any time it chooses. The strong second factor allows the service to simplify its passwords (e.g. 4–digit PIN) without compromising security.

    Second Factor Experience - FIDO U2F

    During registration and authentication, the user presents the second factor by simply pressing a button on a USB device or tapping over NFC or BLE. The user can use their FIDO U2F device across all online services that support the protocol leveraging built–in support in web browsers.

    With the release of FIDO2, U2F has been relabeled as CTAP1.

    FIDO Alliance
    • What is FIDO?
    • How FIDO Works
    • FIDO2
    • Alliance Overview
    • Terms of Use
    • User Authentication Specifications Overview
    • Certification Overview
    • Knowledge Base
    • Press Center
    • Privacy Policy

    Join the Community

    Get the Latest Updates Participate in FIDO-Dev Forum

    Categories

    • Announcements
    • Building the Business Case
    • Buying, Building & Partnering
    • FIDO in the News
    • Implementation & Deployment
    • Intro to FIDO
    • Market Research
    • Perspectives
    • Uncategorized
    User Authentication Specifications Overview
    • Download Authentication Specifications
    • Download IoT Specifications

    Document Authenticity (DocAuth) Certification Program for Remote Identity Verification

    • Introduction
    • Certification Process Overview
    • Certification Fees
    • Accredited Labs
    • Get Certified
    • Resource Documentation
    Sign up for updates!Get news from FIDO Alliance in your inbox.

    By submitting this form, you are consenting to receive communications from: FIDO Alliance, 3855 SW 153rd Drive, Beaverton, OR 97003, US, http://www.fidoalliance.org. You can revoke your consent to receive emails at any time by using the unsubscribe link found at the bottom of every email.

    First Name
    Last Name
    Email
    Country
    Company
    Job Title
    • 日本語
    • 한국어
    • 简体中文
    • English