FIDO Enterprise Adoption Best Practices

This white paper is aimed at enterprises and government agencies looking to expand their authentication capabilities to include FIDO technology, and have FIDO work in conjunction with other authentication systems such as a Public Key Infrastructure (PKI), Kerberos, and Lightweight Directory Access Protocol (LDAP) that may be in place at the organization.  This document specifically focuses on the use and coexistence of FIDO with a PKI, and answers the following questions:

  • How can FIDO protocols deliver new and/or enhanced business benefits to the enterprise?
  • Which enterprise applications (and application layer protocols) can use PKI?
  • Can FIDO be used to provide similar services as PKI for applications that use or can use public key cryptography?
  • Which enterprise security needs and security threats are best addressed using FIDO?
  • How can an expanded public-key cryptographic system incorporating PKI and FIDO benefit an enterprise?
  • What are the business implications for adding FIDO technology within an enterprise that already operates other authentication systems?

This document covers enterprise and government use cases. Consumer use cases are not in the scope of the whitepaper.


More

White Paper: Using FIDO with eIDAS Services

eIDAS stands for “electronic identification, authentication and trust services” It builds the legal basis for…

Read More →

How FIDO Standards Meet PSD2’s Regulatory Technical Standards Requirements On Strong Customer Authentication

This document provides a detailed review of the security requirements listed in the Regulatory Technical…

Read More →