FIDO Alliance Passes 150 Post-Password Certified Products

Written by

The FIDO Alliance has seen rapid growth over the last three months, with now more than 150 FIDO Certified biometric and two-factor authentication products in the hopper.

The growth marks a 50% increase in the last quarter—in January, it announced that it had passed 100 post-password certified solutions. The growth is mainly coming from Asia-Pacific.

“Fifty percent growth in certified products in just three months is further evidence that the FIDO specifications are increasingly accepted as the new standard for strong authentication technology,” said Brett McDowell, executive director of the FIDO Alliance. “You can see from the companies listed in today’s announcement that the Asia Pacific region is one of the fastest growing markets for FIDO authentication, largely driven by early demand from financial services and mobile network operators. This reinforces that the demand for simpler, stronger FIDO authentication is truly global.”

The FIDO Alliance is devoted to boosting online security with open standards for simpler, stronger authentication that moves beyond passwords (with an eye to eliminating them altogether). Taken together, the FIDO specifications, which were finalized in late 2014, define an open, scalable, interoperable set of strong authentication mechanisms that reduce the reliance on single­-factor username and password login. They take into account devices, servers and client software, including browsers, browser plugins and native app subsystems.

This latest round of certifications comes after the FIDO Alliance hosted its first Korean-based interoperability testing event, which garnered the largest number of FIDO-implementing companies to date. Organizations attending these events are able to test and validate their FIDO implementations to prove that their certified products truly interoperate with each other—a necessity for achieving the vision of universal and interoperable strong authentication.

Organizations with new FIDO Certified products include: BTWorks Inc., Crosscert, CrucialTec, Dayside, Inc., eWBM Co., Ltd., FacialNetwork Inc., GOTrust Technology Inc. (GO-Trust), HANCOM Secure Inc., INITECH Co., Ltd., International Systems Research Co., KICA Inc. (Korea Information Certificate Authority), KT, Open Security Research, Inc., SECUVE, SGA Solutions, SK Planet, SK Telecom Co.

“Certification of serious security components and sub-systems is absolutely essential as we have come to realize how much is at stake when authentication systems don’t perform as expected. With major data breaches escalating, so is demand for strong authentication,” said Steve Wilson, vice president and principal consultant at Constellation Research. “Moreover, demand for certified authentication solutions is also rising. A standards based authentication solution is only as good as its conformance to those standards.”

The growing collection of FIDO Certified products and services are part of the larger global trend: FIDO authentication is now enabled on devices from the top five global handset manufacturers. Additionally, service providers including Google, PayPal, Samsung, Bank of America, NTT DOCOMO, Dropbox and GitHub have made FIDO authentication available to protect hundreds of millions of end-users’ desktop and mobile apps, while RSA and eBay have launched FIDO-compliant solutions for enterprise and commerce deployment, respectively.

Samsung, for instance, has implemented the FIDO-based S3 Authentication Suite into its Samsung Galaxy smartphone line, to enable mobile payments via an integrated fingerprint sensor/biometric. So, users can authenticate to any FIDO-ready application with the existing security capabilities of their device.

Photo © alphaspirit

What’s hot on Infosecurity Magazine?