FIDO Adds Mobile Specs to Post-Password Mix

Written by

The Fast IDentity Online Alliance has released new specs aimed at mobile and wireless applications, including Bluetooth and near-field communications (NFC), and devices that do not have a USB port.

FIDO, an industry consortium launched in 2013 to revolutionize online security with open standards for simpler, stronger authentication, introduced additions to the FIDO 1.0 specifications with new transport protocols for FIDO U2F.

 “Within months of publishing the first FIDO standards, the FIDO Alliance continues to see strong demand from the marketplace,” said Dustin Ingalls, president of the FIDO Alliance. “Already enjoying robust adoption, FIDO U2F is ready for more implementers to join us in creating a stronger authentication environment.”

The U2F Bluetooth transport specification allows the creation of special-purpose, Bluetooth Low Energy U2F devices that require the press of a button to authenticate to an online service. In addition, phones and peripherals, which consume more power, can be programmed to act as U2F devices using either Bluetooth Low Energy or Bluetooth Classic.

The U2F NFC transport specification allows the creation of portable U2F devices such as credit cards and keyfobs that can be tapped against the target device to authenticate to an online service. Alternately, a mobile phone with NFC capability can be programmed to act as an NFC U2F device. The user taps the mobile phone onto a target device to authenticate.

“The addition of NFC and Bluetooth support in FIDO U2F illustrates our commitment to ensure FIDO standards are flexible, extensible and future-proof by design. With this strategy, FIDO standards will continue to see accelerated industry adoption as we move ever closer to our goal of ubiquitous FIDO authentication that is more secure, private and easy to use,” said FIDO Alliance executive director Brett McDowell.

What’s hot on Infosecurity Magazine?