Tech Industry Leaders Ship FIDO2 Certified Solutions to Reduce Password Use on the Web |
FIDO2 authentication standards enable websites to replace vulnerable passwords with cryptographically secure logins using convenient alternatives like biometrics and security keys Google Chrome Microsoft Edge and Mozilla Firefox browsers now support FIDO2 a big advancement since the standards were introduced last April Between this support and newly certified products supporting a wide variety of use cases service providers have all of the tools needed to roll out FIDO Authentication for their websites and applications FIDO Authentication has been proven to protect against the phishing and security risks associated with passwords provide better user experiences over remembering and typing passwords and lower authentication support costs With FIDO2 the tech industry has for the first time established a technology standard for strong phishing-resistant authentication on the web that promises better security and a better user experience These announcements today of certified products and leading web browser support deliver on that promise by bringing these new capabilities to market said Brett McDowell executive director of the FIDO Alliance Any web application consumer or enterprise mobile or desktop can now be enabled to take advantage of these innovations at internet scale with the full confidence that comes from an independent certification program designed and governed by their peers Organizations that have achieved FIDO2 certification for security key and biometric authenticators clients and servers include CROSSCERT KECA Korea Electronic Certification Authority Dream Security Co Ltd Korea ETRI eWBM Co Ltd IBM Infineon Technologies INITECH Co Ltd Nok Nok Labs Universal Server OneSpan Raonsecure Samsung SDS Singular Key Whykeykey Inc Yahoo Japan Corporation Yubico Products are certified for FIDO2 by the FIDO Alliance to ensure compliance with the specifications as well as interoperability among FIDO products Todays announcement also includes the first certified FIDO Universal Server which a service provider can use to ensure compatibility with authenticators based on all FIDO specifications FIDO UAF FIDO U2F and FIDO2 FIDO2 Details FIDO2 is comprised of the W3Cs Web Authentication specification and the corresponding Client to Authenticator Protocol CTAP from FIDO Alliance Collectively these standards enable users to leverage common devices to more easily authenticate to online services through mobile and desktop browsers FIDO2 supports a variety of authentication use cases and experiences including passwordless second-factor and multifactor for the highest levels of assurance Password-only logins can now be replaced with easy user gestures using embedded biometrics facial recognition iris scan fingerprint swipe and or portable security keys These simple user experiences are backed by strong cryptographic security that is transparent to the user and protects against phishing man-in-the-middle and attacks using stolen credentials FIDO2 web browsers and online services are also fully backward compatible with all previously certified FIDO U2F Security Keys Visit the FIDO Alliance website to get more information on FIDO2 including resources for developers and product vendors interested in taking part in the FIDO Certified program About the FIDO Alliance The FIDO Fast IDentity Online Alliance wwwfidoallianceorg was formed in July 2012 to address the lack of interoperability among strong authentication technologies and remedy the problems users face with creating and remembering multiple usernames and passwords The FIDO Alliance is changing the nature of authentication with standards for simpler stronger authentication that define an open scalable interoperable set of mechanisms that reduce reliance on passwords FIDO Authentication is stronger private and easier to use when authenticating to online services Supporting quotes from certified companies CROSSCERT KECA Korea Electronic Certification Authority David Ahn Director Our FIDO Certification service is credited for its strong security and convenience in the market and the cumulative number of domestic users exceeded 280 million as of September We will lead the biometric authentication market with the FIDO2 Simplified Cloud Authentication the next-generation authentication technology eWBM Co Ltd Stephen Oh PhD CEO The eWBM Golden Gate model eFA500 the FIDO2-certified fingerprint authenticator opens the door to the world of biometric authentication web access It is a compact and portable security device that provides a superior user experience thanks to its no-ID and no-password authentication functions IBM Security Shane Weeden Senior Technical Staff Member IBMs strong and alternative-to-password authentication strategy will benefit significantly from the WebAuthn and FIDO2 standards These specifications bring convenient frictionless strong authentication services to the mainstream web with consumer privacy as a primary consideration Infineon Technologies Joerg Borchert VP of Chip Card and Security We are very happy to provide the industrys first FIDO2 certified Reference Design based on the SLE78 single-chip solution Infineons reference design serves as development kit for fast and low risk FIDO2 USB and USB NFC token designs prepared to reach highest security levels Certification according to the specifications of the FIDO2 standard increases interoperability of the token and reduces production and support costs on the manufacturer side Nok Nok Labs Phillip Dunkelberger CEO and President Every day there is news of a new phishing or other scalable attack caused by the use of weak and stolen passwords Our breadth of experience as the most broadly deployed FIDO-based platform puts us in a unique position to deliver phishing-resistant privacy-conscious authentication in a passwordless user experience We look forward to bringing these solutions and benefits to our customers and partners as we deliver on our vision of fixing the security and ease of use flaws on the internet OneSpan Scott Clements CEO OneSpan has joined tech leaders such as Google and Microsoft in embracing the FIDO2 standard most recently with the certification of our Digipass 785 authenticator Rapid adoption of the FIDO2 standard spells good news for the unification of the authentication industry and for the security of consumers online Raonsecure Lee Soon-hyung CEO Considering South Koreas PC-oriented business environment it is expected that there are demands for FIDO2 for business systems such as groupware ERP CRM and others Samsung SDS Sean Im Senior Vice President of solution business division By acquiring FIDO2 certification Samsung SDS now offers secure and convenient Nexsign solution to PC users as well as mobile users In business perspective a stepping stone has been prepared to target the domestic and overseas B2B authentication markets Singular Key Hitesh Kalra Founder Todays announcement is a significant milestone towards a safer internet by eliminating the use of passwords and shared secrets FIDO provides agility for evolving user authentication flows and digital journeys Singular Key is committed to make it easy to deploy high assurance authentication at scale with its cloud-based FIDO Authentication Service Yahoo Japan Corporation Shinya Sugawara Vice President ID Solution Division Yahoo JAPAN launches a FIDO2-certified authentication service that has been officially accredited by FIDO Alliance at the first FIDO2 conformance test This innovative service ensures simpler and more secure authentication lessening the reliance on traditional passwords for users Yahoo JAPAN contributes to enhancing users passwordless experiences aligned with FIDOs effort towards simpler stronger authentication on the Web Yubico Stina Ehrensvard CEO and Founder Our mission has always been to drive open standards and ecosystem adoption by creating technical specifications open source components and the gold standard for authenticators With the YubiKey 5 Series FIDO2 Certification and growing momentum towards a passwordless world were proud to see our vision of one single security key to any number of services becoming a reality