LANGUAGE
  • 日本語
  • 한국어
  • 简体中文
  • English
  • 仕様概要
  • Knowledge Base
  • FIDOアライアンスへの入会方法
FIDO Alliance
  • The Alliance
    About FIDO Alliance
    • FIDOアライアンスの概要
    • FIDOアライアンスの沿革
    • 法務およびロゴの使用に関して
    • 行動規範
    • お問い合わせ先
    Our Membership
    • FIDO Members
    • Members
    • Liaison Partners
    • Liaison Partners
    • ワーキンググループ(作業部会)
    • Committees and Study Groups
    Join FIDO Alliance
    • メンバー特典と会費のレベル
    • FIDOアライアンスへの入会方法
    Newsletter Sign-Up
    FIDO Explained
  • Standards & Technology
    Work Areas
    • FIDO Authentication
    • FIDO認証
    • Identity Verification & Binding
    • Internet of Things
    FIDO Authentication
    • FIDOの仕組み
    • FIDO2
    • Metadata Service
    Specifications
    • 仕様概要
    • Specifications Overview
    • Download Specifications
    Developers
    • 開発者向けリソース
    • Getting Started
    • Developer Resources
  • Discover FIDO
    Getting Started Knowledge Base
    • Intro to FIDO
    • Building the Business Case
    Adoption
    • FIDO Case Studies
    • 業界別ソリューション
    • Market Solutions
    • FIDOアライアンスの政府および政策向けプログラム
    • Government & Public Policy
    • PSD2 Compliance
    • Commercial Deployments
    Resources
    Showcase
    Research
    Videos
    White Papers
    Presentations
    FAQ
  • FIDO® Certified
    FIDO Certification Programs
    • FIDO Certified Professional Program
    • Functional Certification
    • Authenticator Certification
    Get Certified
    • 認定の概要
    • 事務局
    • FIDO 商標ライセンス契約書: 付属文書 A
    Certified Products
    • FIDO® Certified Products
    • FIDO Certified Showcase
  • News & Events
    Latest Updates
    • Events Calendar
    • FIDO in the News
    • Press Center
    • FIDO Blog
  • 仕様概要
  • Knowledge Base
  • FIDOアライアンスへの入会方法
Language
  • 日本語
  • 한국어
  • 简体中文
  • English
search
  • Specifications - Japanese
    • 仕様概要
    • Specifications Overview
    • Download Specifications
    1. Home 
    2. User Authentication Specifications Overview 
    3. Download Authentication Specifications

    Download Authentication Specifications

    The latest versions of the FIDO Alliance user authentication specifications are available below. If you are new to FIDO, we recommend you first review the Specifications Overview before proceeding further.

    In addition to meeting the technical requirements, the FIDO Alliance developed further security requirements that need to be implemented to enhance the security assurance of each device. These requirements are covered in the Authenticator Certification program found on the Certified Authenticator Levels page.

    Older versions of the specifications can be found in the specification archive along with the Chinese translation of the UAF 1.0 specifications. The FIDO Specification Status and Intellectual Property Rights (IPR) of the FIDO Alliance specifications can be found here.


    The FIDO Alliances publishes the following technical specifications for any implementer to download. In addition, the Alliance is providing support for implementers of FIDO authentication technology by operating the fido-dev@fidoalliance.org public discussion list. Please post any questions you may have about implementing the FIDO specifications in that forum.

    The FIDO Alliance produces PDF-formatted specifications as a convenience for readers, however readers are advised to refer to the HTML-formatted specs if they encounter any formatting issues with the PDF-formatted specs. IF YOU ARE NOT YET A MEMBER OF THE FIDO ALLIANCE, AND YOU WOULD LIKE TO COMMENT ON OUR PUBLIC DRAFT SPECIFICATIONS, PLEASE USE THE CONTACT US FORM.

    FIDO2 Specifications
    CLIENT TO AUTHENTICATOR PROTOCOL (CTAP)
    This Proposed Standard document describes the Client-to-Authenticator Protocol (CTAP) which uses USB, NFC, and / or BLE for communication between browsers or platforms and FIDO2 authenticators.

    CTAP 2.1 Proposed Standard with Errata: HTML | PDF

    CTAP 2.1 Errata: HTML | PDF

    CTAP 2.2 Review Draft 01: HTML | PDF
    W3C - Web Authentication:
    An API for accessing Public Key Credentials
    Level 2 (Webauthn)

    This specification defines an API enabling the creation and use of strong, attested, scoped, public key-based credentials by web applications, for the purpose of strongly authenticating users.

    Download: HTML
    UAF Specifications
    FIDO UAF Complete Specifications
    This is a zip file containing the FIDO Alliance Universal Authentication Framework (UAF) specification files:

    Change USB transport to conform to ISO7816-4
    NFC (ISO7816-4) support
    Bluetooth Low Energy support
    Updated JavaScript 1.1 specification
    Transports Extension specification
    Expanded Metadata Service specification to include U2F

    1.1 Proposed Standard: Files

    1.2 Proposed Standard: Files
    FIDO UAF Architectural Overview
    This overview document describes the various protocol design considerations in detail and also describes the user flows in detail. It describes the layering and intention of each of the detailed protocol documents.
    You should read this document first if you are new to UAF.

    1.1 Proposed Standard: HTML | PDF
    1.2 Proposed Standard: HTML | PDF
    FIDO UAF Protocol Specification
    This document defines the message formats and processing rules for all UAF protocol messages.

    1.1 Proposed Standard: HTML | PDF
    1.2 Proposed Standard: HTML | PDF
    UAF Application API and Transport Binding Specification
    This document describes the client-side APIs and interoperability profile for client applications to utilize FIDO UAF.

    1.1 Proposed Standard: HTML | PDF
    1.2 Proposed Standard: HTML | PDF
    FIDO UAF Authenticator-specific Module API
    This document defines Authenticator-specific Modules and the API provided to the FIDO client by ASMs.

    1.1 Proposed Standard: HTML | PDF
    1.2 Proposed Standard: HTML | PDF
    FIDO UAF Authenticator Commands
    This document describes Low-level functionality that UAF Authenticators should implement to support the UAF protocol.

    1.1 Proposed Standard: HTML | PDF

    1.2 Proposed Standard: HTML | PDF
    FIDO ECDAA Algorithm
    This document describes how to use Elliptic Curve (EC) Direct Anonymous Attestation (DAA) as a form of secure and private attestation for authenticators.

    1.1 Proposed Standard: HTML | PDF

    1.2 Review Draft: HTML | PDF

    2.0 Implementation Draft: HTML | PDF
    FIDO UAF APDU Commands
    This document defines a mapping of FIDO UAF Authenticator commands to Application Protocol Data Units (APDUs) thus facilitating UAF authenticators based on Secure Elements.

    1.1 Proposed Standard: HTML | PDF

    1.2 Proposed Standard: HTML | PDF
    UAF Registry of Predefined Values
    This document describes implementation considerations and recommendations for creators of U2F devices and for relying parties implementing U2F support.

    1.1 Proposed Standard: HTML | PDF
    1.2 Proposed Standard: HTML | PDF
    FIDO UAF Android This document defines the assertion format "APCV1CBOR" in order to use Android Protected Confirmation for FIDO UAF Transaction Confirmation.

    1.2 Proposed Standard: HTML | PDF
    FIDO UAF WebAuthentication Assertion Format
    This document defines the assertion format "WAV1CBOR" in order to use Web Authentication assertions through the FIDO UAF protocol.

    1.2 Proposed Standard: HTML | PDF
    FIDO UAF ERRATA
    This errata is being published to address certain issues that have been identified in the UAF v1.1 Specification. All Specifications and errata are required to be approved by the FIDO Board prior to publication.

    1.1 Implementation Draft: PDF
    FIDO Metadata
    FIDO Authenticator Metadata Statements
    This document defines the authenticator metadata. This metadata, in turn, describes FIDO authenticator form factors, characteristics, and capabilities. The metadata is used to inform relying party interactions with, and make policy decisions about, the authenticators.

    1.1 Proposed Standard: HTML | PDF

    3.0 Proposed Standard: HTML | PDF
    FIDO Authenticator Metadata Service
    Baseline method for relying parties to obtain FIDO Metadata statements.

    1.1 Proposed Standard: HTML | PDF

    3.0 Proposed Standard: HTML | PDF
    FIDO2 and UAF Common Files
    FIDO Registry of Predefined Values
    This document defines all the strings and constants common to all FIDO specifications.

    1.1 Proposed Standard: HTML | PDF

    2.2 Proposed Standard: HTML | PDF
    FIDO AppID and Facet Specification
    This document defines the scope of user credentials and how a trusted computing base that supports application isolation may make access control decisions about which keys can be used by which applications and web origins.

    1.1 Proposed Standard: HTML | PDF

    2.1 Proposed Standard: HTML | PDF
    FIDO Security Reference
    Provides an analysis of FIDO security based on detailed analysis of security threats pertinent to the FIDO protocols based on its goals, assumptions, and inherent security measures.

    1.1 Proposed Standard: HTML | PDF

    2.1 Proposed Standard: HTML | PDF
    FIDO Technical Glossary
    Defines the technical terms and phrases used in FIDO Alliance specifications and documents.

    1.1 Proposed Standard: HTML | PDF

    2.1 Proposed Standard: HTML | PDF
    FIDO ECDAA Algorithm

    This document describes how to use Elliptic Curve (EC) Direct Anonymous Attestation (DAA) as a form of secure and private attestation for authenticators.

    1.1 Proposed Standard: HTML | PDF

    2.1 Proposed Standard: HTML | PDF
    U2F SPECIFICATIONS
    FIDO U2F Complete Specifications
    This is a zip file containing the U2F 1.2 Specifications public snapshot of FIDO Alliance Universal 2nd Factor (U2F) specs approved July 11th, 2017. Included in the latest U2F 1.2 specifications are:

    Change USB transport to conform to ISO7816-4
    NFC (ISO7816-4) support
    Bluetooth Low Energy support
    Updated JavaScript 1.1 specification
    Transports Extension specification
    Expanded Metadata Service specification to include U2F
    You should read this document first if you are new to U2F.

    1.2 Proposed Standard: Files
    FIDO U2F Architectural Overview
    This overview document describes the various design considerations which go into the protocol in detail and describes the user flows in detail. It describes the layering and intention of each of the detailed protocol documents. It describes the various privacy considerations in the protocol design through the document and summarizes these at the end
    You should read this document first if you are new to U2F.

    1.0 Proposed Standard: HTML

    1.2 Proposed Standard: PDF

    1.2 Proposed Standard: HTML

    1.2 Proposed Standard: PDF
    FIDO U2F JavaScript API
    This document describes the client side API in the web browser for accessing U2F capabilities. An online service or website can levearge U2F by using this API on the client side and pairing it with a server which can verify U2F messages on the server side. (Later specifications will describe APIs in non-browser contexts).


    1.0 Proposed Standard: HTML

    1.2 Proposed Standard: PDF

    1.2 Proposed Standard: Files

    1.2 Proposed Standard: Files
    FIDO U2F Raw Message Formats
    This document describes the binary format of request messages which go from the FIDO U2F server to the FIDO U2F token and the binary format of the response messages from the token to the server. These messages are encoded by the browser (FIDO client) for communication over a particular transport (such as USB) to the cryptographic core of the token which performs key generation and signing. A header file with standard values is also specified.

    1.0 Proposed Standard: HTML

    1.2 Proposed Standard: PDF

    1.2 Proposed Standard: HTML

    1.2 Proposed Standard: PDF
    FIDO U2F HID Protocol
    This document describes how the browser (FIDO client) frames the binary raw messages coming from the javascript API for transport over USB-HID to a U2F token. The binary raw messages are described in the 'FIDO U2F Raw Message Formats' document. A header file with standard values is also specified. [Later specifications will specify how the javascript APIs frames raw messages over other (non-USB) transports].

    1.0 Proposed Standard: HTML

    1.2 Proposed Standard: PDF

    1.2 Proposed Standard: HTML

    1.2 Proposed Standard: PDF
    FIDO U2F Bluetooth® protocol
    This document describes the communication protocol between a FIDO client and FIDO authenticators over Bluetooth technology and Bluetooth Smart.

    1.2 Proposed Standard: HTML

    1.2 Proposed Standard: PDF
    FIDO U2F NFC Protocol
    This document describes the communication protocol between a FIDO client and FIDO authenticators over Near Field Communication (NFC).

    1.2 Proposed Standard: HTML

    1.2 Proposed Standard: PDF
    FIDO U2F Transport Extensions
    This standard describes one way relying parties may learn which transports an authenticator supports, by allowing authenticator vendors to embed hardware features as an optional extension in the authenticator’s attestation certificate.

    1.2 Proposed Standard: HTML

    1.2 Proposed Standard: PDF
    FIDO U2F Implementation Considerations
    This document describes implementation considerations and recommendations for creators of U2F devices and for relying parties implementing U2F support.

    1.0 Proposed Standard: HTML

    1.0 Proposed Standard: PDF

    1.2 Proposed Standard: HTML

    1.2 Proposed Standard: PDF
    FIDO AppID and Facet Specification
    This document defines the scope of user credentials and how a trusted computing base which supports application isolation may make access control decisions about which keys can be used by which applications and web origins.

    1.0 Proposed Standard: HTML

    1.0 Proposed Standard: PDF

    1.2 Proposed Standard: HTML

    1.2 Proposed Standard: PDF
    FIDO Security Reference
    Provides an analysis of FIDO security based on detailed analysis of security threats pertinent to the FIDO protocols based on its goals, assumptions, and inherent security measures.

    1.0 Proposed Standard: HTML

    1.0 Proposed Standard: PDF

    1.2 Proposed Standard: HTML

    1.2 Proposed Standard: PDF
    FIDO Technical Glossary
    Defines the technical terms and phrases used in FIDO Alliance specifications and documents.

    1.0 Proposed Standard: HTML

    1.0 Proposed Standard: PDF

    1.2 Proposed Standard: HTML

    1.2 Proposed Standard: PDF
    FIDO U2F Readme
    This is a README for the U2F 1.2 Implementation Draft public snapshot of the Universal Second Factor (U2F) specs as of July 11, 2017.

    1.0 Proposed Standard: TXT

    1.2 Proposed Standard: TXT

    About FIDO Specification Status and Intellectual Property Rights (IPR)

    Summary of IPR Status of the Specifications on this site:

    SpecificationSpecification Status
    U2F 1.0Proposed Standard Expanded to the World
    U2F 1.1

    Proposed Standard Expanded to the World
    U2F 1.2Proposed Standard Expanded to the World
    UAF 1.0Proposed Standard Expanded to the World
    UAF 1.1Proposed Standard Expanded to the World
    FIDO2 Submission to W3CProposed Standard Expanded to the World
    FIDO2 CTAPProposed Standard Expanded to the World
    FIDO Device Onboard 1.0Proposed Standard Expanded to the World
    FIDO Device Onboard 1.1Proposed Standard Expanded to the World

    Explanation of IPR Status FIDO Alliance specifications progress through various stages, Pre-Draft, Working Draft, Review Draft and Proposed Standard. The Promise, the agreement FIDO Alliance Member organizations make to grant a royalty-free license of their patent rights for compliant implementations, is applied differently based on the specification stage. The Promise does not apply for Pre-Draft, Working Draft and Review Draft specification stages. At Proposed Standard stage, the Promise is provided by all FIDO Alliance members of the relevant Technical Working Group to the entire world. For any FIDO Alliance specifications issued as Proposed Standard before January 1, 2020, the Promise is a covenant not to assert patent rights against compliant implementations and is provided by all the then FIDO Alliance members to the entire world. It is understood that the above is a brief summary and that the actual terms are provided in the FIDO Alliance Membership Agreement, which should be consulted for any specific case.

    Patent Notices The FIDO Alliance Membership Agreement provides Members the opportunity to make withdrawals of Granted Claims from the Promise under certain conditions. The FIDO Alliance Membership Agreement should be consulted for the specific conditions. The Board is pleased to report to the public that it has received no such notice pertaining to any of the Specifications published on this site. Implementers interested in learning more about what this means are encouraged to review our IPR Summary and/or section 6 of the FIDO Alliance Membership Agreement.

    FIDO Alliance
    • FIDOとは
    • FIDOの仕組み
    • How FIDO Works
    • FIDOアライアンスの概要
    • FIDO2 Project
    • Terms of Use
    • SPECIFICATIONS OVERVIEW
    • 仕様概要
    • CERTIFICATION OVERVIEW
    • 認定の概要
    • KNOWLEDGE BASE
    • Knowledge Base
    • PRESS CENTER
    • PRIVACY POLICY

    Join the Community

    Get the Latest Updates Participate in FIDO-Dev Forum

    Categories

    • Announcements
    • Building the Business Case
    • Buying, Building & Partnering
    • FIDO in the News
    • FIDOリソース
    • Implementation & Deployment
    • Intro to FIDO
    • Market Research
    • Perspectives
    • Uncategorized
    User Authentication Specifications Overview
    • Download Authentication Specifications
    • Download IoT Specifications

    Document Authenticity (DocAuth) Certification Program for Remote Identity Verification

    Sign up for updates!Get news from FIDO Alliance in your inbox.

    By submitting this form, you are consenting to receive communications from: FIDO Alliance, 3855 SW 153rd Drive, Beaverton, OR 97003, US, http://www.fidoalliance.org. You can revoke your consent to receive emails at any time by using the unsubscribe link found at the bottom of every email.

    First Name
    Last Name
    Email
    Country
    Company
    Job Title
    • 日本語
    • 한국어
    • 简体中文
    • English