Passwords – or more correctly, the passwords that people choose – are notoriously weak links when it comes to protecting access, identity and information. FIDO is an industry consortium focused on developing open standards for “post-password” online authentication, that will ensure interoperability among strong authentication methods and technologies.
Those include biometrics such as fingerprint and iris scanners, voice and facial recognition, as well as existing solutions and communications standards like Trusted Platform Modules (TPM), USB security tokens, embedded secure elements (eSE), smart cards, Bluetooth low energy (BLE), and near field communications (NFC).
FIDO members commit to share technology and collaborate to deliver open specifications for universal strong authentication that enables FIDO-compliant authentication methods to be interoperable, more secure and private, and easier to use. FIDO authentication is designed with a core focus on privacy – all biometric or personal identifying information (PII) stays local on the user's device and is never shared to the cloud or over the network.
Microsoft follows Google, BlackBerry and others in supporting FIDO, but considering that Microsoft software runs on hundreds of millions of devices, and the technology leader maintains clear leadership in enterprise, desktop and laptop markets, its membership could be a game-changer for spurring on FIDO’s work.
"Microsoft and the many global leaders joining our endeavor in the last 10 months validates the work of the FIDO Alliance, and clearly indicates the imminent sea change set to move the world from a dependency on passwords to universal strong authentication," said Michael Barrett, president of the FIDO Alliance, in a statement. "Clearly, the Alliance is recognized as the foremost place to effect the changes needed to ensure future authentication that is simultaneously easier to use, more secure, and private.”
The open specifications are being designed to be extensible and to accommodate future innovation, as well as protect existing investments. FIDO specifications allow the interaction of technologies within a single infrastructure, enabling security options to be tailored to the distinct needs of each user and organization.
"Joining the FIDO Alliance board of directors is a logical step for us as a way to serve our customers and the community," said David Treadwell, corporate vice president at Microsoft. "As a contributor to the FIDO Alliance working groups on next generation authentication, we look forward to furthering our innovation and thought leadership in the identity space."