Today, secure access to online applications and services has evolved into a framework reliant on devices, public key cryptography and biometrics to replace the shared secrets of aging passwords. Since 2013, the FIDO Alliance has developed and advanced open and scalable standards to eliminate phishing and other security attacks. To introduce these improvements and to educate employees throughout corporate management and IT security, FIDO Alliance has developed a series of best practices and how-to white papers that match the Alliance’s goals with the responsibilities and titles of technology professionals. This work is dedicated to eliminating passwords and securing the simple act of logging on within all companies.
Enterprises that accept FIDO credentials are participating in a digital credential exchange. This white paper is intended for CISOs and IT professionals who are considering deploying FIDO across their enterprise. In this paper, we provide a high-level overview of the most common digital exchange – the authentication exchange. We will examine the participants, protocols, and decisions that enterprises must make regarding the creation, management, and usage of FIDO credentials.
