FIDO hails dawn of 'post-password era' with landmark protocol
09 December 2014 15:24 GMT

Many of the alternative authentication measures supported by Fido members focus on biometrics like Apple’s Touch ID fingerprint sensor.

The FIDO (Fast IDentity Online) Alliance, an open industry consortium that aims to replace passwords with universal multi-factor authentication, has today published a final draft of standards that it says will end the era of passwords.

The release of the final drafts of two specifications - the Universal Authentication Framework (UAF) and Universal 2nd Factor (U2F) - mean online service providers and enterprises can now implement and broadly commercialize FIDO's multi-factor authentication standard.

"Today, we celebrate an achievement that will define the point at which the old world order of passwords and PINs started to wither and die," said Michael Barrett, president of the FIDO Alliance. "FIDO Alliance pioneers can forever lay claim to ushering in the 'post password' era, which is already revealing new dimensions in Internet services and digital commerce."

A number of Fido's members focus on alternative authentication measures supported by biometrics such as fingerprint, facial, voice and iris recognition.

Weak login credentials have featured as an especially embarrassing aspect of this month’s spiraling Sony hack, and Fido notes that “centralized datasets of personal and sensitive information [are the most targeted and the most vulnerable to scaled attacks”.

Fido says its new specifications outline a new standard for devices, servers and client software, including browsers, browser plugins, and native app subsystems.

It adds that “While the core 1.0 specifications are final, the FIDO Alliance is nearing completion of extensions that will incorporate Near Field Communications (NFC) and Bluetooth into the range of FIDO capabilities.”

Earlier this week, Wells Fargo Bank also become the latest financial institution to join the organization, which includes Bank of America, Visa International, Discover Financial Services, MasterCard, and PayPal, among others.

The alliance also counts Google, Alipay, Microsoft, Samsung, Lenovo, Qualcomm, and RSA among its more than 150 members.

Fido founding member Nok Nok Labs also revealed today that it has raised $8.25 million to grow its cross platform standard, reported Venture Beat magazine.

"The fact that the FIDO Alliance was able to develop complete specifications so quickly and with such broad support is evidence that they are tackling a pervasive industry pain point," said Steve Wilson, Vice President and Principal Consultant at Constellation Research.

"No consortium in the identity management (IdM) industry has ever grown so fast, with such strong representation from the technology buy side. What's most impressive is the FIDO Alliance's focus on the authentication plumbing.

"The protocols enable trusted client devices to trade just the right data about their users. FIDO specifications aren't tangled up in messy identity policy decisions. It's an elegant breakthrough, and, going forward, it should drive a lot of the classic complexity out of the IdM space."

Related articles

Nxt-ID, Giesecke & Devrient join Fido Alliance
NexID joins FIDO Alliance
IriTech joins FIDO Alliance

Industry Events

connect:ID 17-18 Mar 21