June 28, 2018

White Paper: Hardware-backed Keystore Authenticators (HKA) on Android 8.0 or Later Mobile Devices

Enabling Any Relying Parties to Create FIDO UAF (1.1 or later) Client Apps

This paper introduces the details of a hardware-backed Keystore authenticators (HKA) implementation approach, based on the first commercial deployment. It takes advantage of secure Android Keystore with key attestation and fingerprint sensors in hardware on standard off-the-shelf Android 8.0 or later mobile devices. Since it is enabled only by Android applications, any RPs and application developers can develop their own secure FIDO UAF 1.1 authenticators.

MORE Implementation & Deployment


Developer Tutorial: WebAuthn for Web & FIDO2 for Android

This developer tutorial covers two unique builds. The first is...


Developer Tutorial: Getting Started with WebAuthn

This developer tutorial was presented by Nick Steele, a researcher...


Developer Tutorial: Securing a Web App with FIDO Security Keys

This presentation was given by Luke Walker of Yubico at...

Download Specs