The Fast IDentity Online (FIDO) Alliance has reached 72 certified products available in the market.
FIDO, an industry consortium launched in 2013 to provide open standards for simpler, stronger authentication, has announced results from the most recent round of FIDO 1.0 certifications.
FIDO members, and others, leverage open FIDO standards for Android, Apple, iOS and Touch ID to use FIDO authentication in devices, services and applications instead of passwords. Companies, organizations and individuals can use FIDO U2F second-factor devices for stronger authentication, and can eliminate passwords entirely through FIDO UAF biometric solutions such as fingerprint or iris recognition sensors.
Newly certified FIDO 1.0 products include the first FIDO Certified iOS products from Egis, Nok Nok Labs and Samsung SDS, along with a line-up of smartphones.
For instance, the Nok Nok App SDK for iOS leverages the Secure Enclave and TouchID for both on-device and out of band authentication, allowing deploying organizations to deliver strong authentication across multiple platforms including iOS. And the Egis Touch ID-enabled UAF client allows mobile payment service providers to extend its online payment services on iOS.
If biometric data (like TouchID data) is used by a FIDO authenticator, the biometric information never leaves the device. FIDO authentication to the cloud is always performed by means of industry-standard public key cryptography.
“We are excited to pass the first FIDO Certification Process for iOS 9,” said Steve Ro, Chairman and CEO of Egis. “iOS plays a major part in mobile payment trends. “We will be able to provide more security, easy solutions, and products for authentication based on FIDO specifications. These specifications are changing the nature of authentication with standards for simpler, stronger authentication that reduce reliance on passwords.”
The new products also include FIDO applications, authenticators and servers from DDS, Goodix, Feitian, Hypersecu, LG Electronics, Neowave, Samsung and Sony.
“The FIDO ecosystem is emerging with an abundance of options that enable easy adoption of strong authentication for Internet providers and services, enterprise and consumers,” said Dustin Ingalls, president of the FIDO Alliance. “In less than three years, the FIDO Alliance has delivered standards and a range of products that make it possible now to see a world that doesn’t rely on passwords, but rather is prepared with more secure, private and convenient FIDO authentication.”
Certification testing is based on industry-standard best practices to objectively evaluate technical implementations of the FIDO 1.0 specifications, which are Universal Authentication Framework (UAF) and Universal 2nd Factor (U2F).