8 years in FIDO – What has happened so far
FIDO2 heralds a new age of Universal Authentication.
For several reasons, logging in to a website with your username and password may not be the ideal method of authentication. On one hand, the number of applications a person uses is constantly increasing. On the other hand, the security of credentials is increasingly at risk as cybercrime becomes more sophisticated and technologically advanced. Targeted brute-force attacks or seemingly harmless phishing attacks via email have become so common that users often do not even notice that their own credentials have been hacked.
Validity Sensors and PayPal deal with the use of biometrics to register online users instead of passwords. The session stimulated the idea of working on an industry standard based on public key cryptography that would allow password-less login with only local authentication.
The FIDO alliance was founded by PayPal, Lenovo, Nok Nok Nok Labs, Validity Sensors, Infineon and Agnitio. The development of a password-less authentication protocol was started.
Major Internet companies, system integrators and security providers have joined to form the FIDO (Fast IDentity Online) Alliance to revolutionise online authentication with an industry-supported standard-based open protocol. Finally, the Alliance was launched in California.
The comprehensive password less protocol FIDO v1.0 (called FIDO Universal Authentication Framework – FIDO UAF) and the second factor protocol (called FIDO Universal 2nd Factor – FIDO U2F) were completed and released at the same time. The production launch of fully compliant FIDO v1.0 devices and servers began.
cidaas, the modern Cloud Identity and Access Management solution, was created. Widas ID started the development of cidaas. With the best user experience in mind, cidaas added versatile, convenient and secure authentication methods.
In a pluggable approach, cidaas offers e.g. biometric methods like TouchID or WebAuthn, One-Time Passwords and many more. Customers can easily add and offer new methods.
With the seal Software hosted in Germany and ISO27001 certification, cidaas complies with the highest data protection and security standards.
The World Wide Web Consortium (W3C) has launched a new standard project for web authentication based on the FIDO2 2.0 web APIs proposed by the Alliance. The aim of the FIDO Alliance in this work called FIDO2 was to work with the W3C to standardise strong FIDO authentication across all web browsers and the associated web platform infrastructure.
The FEWG-FIDO Europe Working Group was established.
Based on Google Chrome, Microsoft Edge and Mozilla Firefox, the FIDO2 project heralds a new era of ubiquitous, phishing-resistant, strong authentication to protect Internet users worldwide.
cidaas announced to support FIDO2. Since then it is possible to experience FIDO2 and WebAuthn live on https://cidaas-in-action.cidaas.de/demo-site/demo and to test the new user experience.
Apple extends FIDO authentication support in Safari to iOS 14, MacOS Big Sur and iPadOS 14 and enables users to log in with FIDO on websites using Apple’s Face ID and Touch ID biometric authentication.
To learn more about cidaas, key features and various password-free authentication methods, please visit https://www.tschuesspasswort.de vorbei.