The FIDO (Fast IDentity Online) Alliance recently published final 1.0 drafts of two primary specifications: the Universal Authentication Framework (UAF) and Universal 2nd Factor (U2F).
While the core 1.0 specifications are final, FIDO is also nearing completion of extensions that will incorporate Near Field Communications (NFC) and Bluetooth into the range of FIDO capabilities.
According to the Alliance, the specifications outline a new standard for devices, servers and client software, including browsers, browser plugins and native app subsystems.
In practical terms, this means any website or cloud application can interface with a broad variety of existing and future FIDO-enabled authenticators, including biometrics and hardware tokens. Simply put, FIDO specifications define an open, scalable, interoperable set of strong authentication mechanisms that reduce reliance on single-factor usernames and password logins.
“What’s most impressive is FIDO Alliance’s focus on the authentication plumbing. The protocols enable trusted client devices to trade just the right data about their users,” said Steve Wilson, Vice President and Principal Consultant at Constellation Research.
“FIDO specifications aren’t tangled up in messy identity policy decisions. It’s an elegant breakthrough, and, going forward, should drive a lot of the classic complexity out of the identity management (IdM) space.”
It should be noted that Rambus is a proud member of the FIDO Alliance, which comprises a wide range of device manufacturers, online service providers and enterprises.