FIDO Enterprise Adoption Best Practices

This white paper is aimed at enterprises and government agencies looking to expand their authentication capabilities to include FIDO technology, and have FIDO work in conjunction with other authentication systems such as a Public Key Infrastructure (PKI), Kerberos, and Lightweight Directory Access Protocol (LDAP) that may be in place at the organization.  This document specifically focuses on the use and coexistence of FIDO with a PKI, and answers the following questions:

  • How can FIDO protocols deliver new and/or enhanced business benefits to the enterprise?
  • Which enterprise applications (and application layer protocols) can use PKI?
  • Can FIDO be used to provide similar services as PKI for applications that use or can use public key cryptography?
  • Which enterprise security needs and security threats are best addressed using FIDO?
  • How can an expanded public-key cryptographic system incorporating PKI and FIDO benefit an enterprise?
  • What are the business implications for adding FIDO technology within an enterprise that already operates other authentication systems?

This document covers enterprise and government use cases. Consumer use cases are not in the scope of the whitepaper.


More

Technical Note: FIDO Authentication and EMV 3-D Secure – Using FIDO for Payment Authentication

The FIDO Alliance defines standards that enable strong consumer authentication and seeks to use those…

Read More →

White Paper: FIDO Transaction Confirmation

Besides generic session authentication, there is an increasing need to gather explicit user consent for…

Read More →

White Paper: CXO Explanation: Why Use FIDO for Passwordless Employee Logins?

Today, secure access to online applications and services has evolved into a framework reliant on…

Read More →