FIDO Alliance Passes 100 Post-Password Certified Solutions

The  cross-industry strong authentication standard known as FIDO has made progress on its goal to move beyond passwords: After just one year out there on the street, there are now more than 100 FIDO Certified solutions, being used by a range of application providers, including Google, PayPal, Samsung, Bank of America, NTT DOCOMO, Dropbox and GitHub.

FIDO authentication is also now enabled on devices from the top five global handset manufacturers, including Samsung, Apple and LG. And, last summer it announced that it had started signing up government agencies to directly participate in the development of FIDO standards. The first to join were the United States’ NSTIC/NIST; and the UK Office of the Cabinet.

The FIDO specifications are aimed at simplifying the development and maintenance of biometrics and other second-factor capabilities. The FIDO Alliance provides one unified specification and a certification process to ensure compliance and interoperability, so that pre-certified solutions and services can be used to add biometrics or other strong authentication security to online applications and systems.

Vendors with fresh FIDO Certified products include: DDS, Egis, ETRI, EyeVerify, Feitian Technologies, Gemalto, Huawei, Infineon, Inside Secure, Ledger, Lenovo, LG Electronics, Longmai, Morpho, NXP, Raonsecure, Samsung SDS, Secuve, Watchdata Technologies, SurePass ID and Yubico.

“This explosion of FIDO Certified products and adoption numbers confirm industry-wide endorsement of FIDO as the new strong authentication technology standard,” said Brett McDowell, executive director of the FIDO Alliance. “This increasing availability of FIDO Certified solutions creates an unprecedented opportunity for organizations to implement simple, usable and strong authentication and better protect customers, employees and data from the risks of data breaches, hacking and identity theft.”

The FIDO Alliance also said that is working on expanding the adoption of FIDO authentication by working with other standards bodies. It recently submitted a set of three technical specifications to the World Wide Web Consortium (W3C), to help form the foundation for this expansion.

The next FIDO Certified interoperability testing events will take place on March 8 for FIDO U2F and March 9-10 for FIDO UAF. Subsequent testing sessions will occur approximately every 90 days or as demand dictates.

Photo © LeoWolfert

What’s Hot on Infosecurity Magazine?