The FIDO standards, together with their companion WebAuthn specification, are on the cusp of an important new development: evolutionary changes to the standards proposed by the FIDO Alliance and the W3C WebAuthn community aim to markedly improve the usability and deployability of FIDO-based authentication mechanisms. As a result, FIDO-based secure authentication technology will for the first time be able to replace passwords as the dominant form of authentication on the Internet. 

In this paper, we explain how FIDO and WebAuthn standards previously enabled low-cost deployments of authentication mechanisms with very high assurance levels. While this has proved an attractive alternative to traditional smart card authentication, and even opened the door to high-assurance authentication in the consumer space, we haven’t attained large-scale adoption of FIDO-based authentication in the consumer space. We explain how the introduction of multi-device FIDO credentials will enable FIDO technology to supplant passwords for many consumer use cases as they make the FIDO credentials available to users whenever they need them—even if they replace their device.


More

White Paper: FIDO Authenticator Lifecycle Management for IT Administrators

Secure access to online applications and services has evolved into a framework reliant on devices,…

Read More →

FIDO Device Onboard: A Specification for Automated, Secure IoT Provisioning Technology

In the world of IoT, the first thing referenced is often the size of the…

Read More →

White Paper: FIDO for SCA Delegation to Merchants or Wallet Providers

The authentication of consumers during remote transactions has undeniable benefits in terms of security and…

Read More →