October 21, 2020

White Paper: Considerations for Deploying FIDO Servers in the Enterprise

Today, secure access to online applications and services has evolved into a model based on devices, public key cryptography and biometrics to replace the anachronistic use of passwords as shared secrets. Since 2013, the FIDO Alliance has developed open and scalable advancements to eliminate phishing and other security attacks. To introduce these improvements and to educate employees throughout corporate management and IT security, FIDO Alliance has developed a series of best practices and how-to white papers that match the Alliance’s goals with the responsibilities and titles of technology professionals. This work is dedicated to eliminating passwords and securing the simple act of logging on within all companies. 

A FIDO server is a necessary component in a FIDO implementation. The FIDO server stores the user’s public key credential and account information. During a FIDO Authentication or registration flow, the server generates a cryptographic challenge in response to a request from the application. The server then verifies the signature provided by the client using the server’s corresponding public key, and logs the user in. 

This white paper is intended for IT professionals and identity architects to guide them in choosing the right FIDO server implementation and deployment architecture when integrating and enabling FIDO-based authentication in enterprise applications. Enterprises must consider several factors in their planning to select and deploy a FIDO server, including build vs. buy assessment (and the risks and benefits associated with each), the desired deployment model, the required server capabilities, and the security and privacy requirements. 

MORE Implementation & Deployment

Webinar: Inside Intuit’s FIDO Journey

Intuit is the global financial technology platform that powers prosperity...

August 3, 2023

Intuit’s ROI from Passwordless Customer Authentication

Business Situation Intuit is the global financial technology platform that...

June 29, 2023

White Paper: High Assurance Enterprise FIDO Authentication

This white paper addresses specific considerations for determining the appropriate...

June 27, 2023

White Paper: FIDO Authentication for Moderate Assurance Use Cases

This white paper provides guidance for organizations as they analyze...