Word of the Day: FIDO

Word of the Day Daily updates on the latest technology terms |February 16, 2018

FIDO (Fast Identity Online) FIDO (Fast ID Online) is a set of technology-agnostic security specifications for strong authentication. FIDO is developed by the FIDO Alliance, a non-profit organization formed in 2012. FIDO specifications support multifactor authentication (MFA) and public key cryptography. Unlike password databases, FIDO stores personally identifying information (PII), such as biometric authentication data, locally on the user's device to protect it. FIDO's local storage of biometrics and other personal identification is intended to ease user concerns about personal data stored on an external server in the cloud. By abstracting the protocol implementation with application programming interfaces (APIs), FIDO also reduces the work required for developers to create secure logins for mobile clients running different operating systems on different types of hardware. FIDO supports the Universal Authentication Framework (UAF) protocol and the Universal Second Factor (U2F) protocol. With UAF, the client device creates a new key pair during registration with an online service and retains the private key; the public key is registered with the online service. During authentication, the client device proves possession of the private key to the service by signing a challenge, which involves a user-friendly action such as providing a fingerprint, entering a PIN, taking a selfie or speaking into a microphone. With U2F, authentication requires a strong second factor such as a Near Field Communication (NFC) tap or USB security token. The user is prompted to insert and touch their personal U2F device during login. The user's FIDO-enabled device creates a new key pair, and the public key is shared with the online service and associated with the user's account. The service can then authenticate the user by requesting that the registered device sign a challenge with the private key. Quote of the Day "FIDO brings substantial gains to users and businesses, which explains its rapid adoption where other initiatives have failed to displace the password." - Michael Cobb   Trending Terms strong authentication multifactor authentication public key PII biometric authentication one-time password strong password   Learning Center FIDO authentication standard could signal the passing of passwords Governments and industry are turning to the FIDO authentication standard for long term solutions to the challenges of effective and secure authentication. Advanced Protection Program: How has Google improved security? The Google Advanced Protection Program enables individuals who are being targeted by malicious actors to add an additional layer of security to their accounts. Password-free authentication: Figuring out FIDO Will open FIDO standards for better interoperability of authentication technologies actually work? Here's an update on the specifications as the first products ship. What the FIDO specification means for multi-factor authentication Enterprises and security pros should stay up to speed on the FIDO specification as a new authentication standard for many reasons, including freedom from passwords and greater security. How to deal with identity and access management systems Learn how an identity and access management system can help secure the enterprise even in this age of complex technological advances. Writing for Business The credit union website uses?two-factor authentication to protect _____ members. a. their b. its Answer   Stay In Touch For feedback about any of our definitions or to suggest a new definition, please contact me at: mrouse@techtarget.com   Visit the Word of the Day Archives and catch up on what you've missed!   FOLLOW US About This E-Newsletter This e-newsletter is published by the TechTarget network. To unsubscribe from Whatis.com, click here. Please note, this will not affect any other subscriptions you have signed up for. TechTarget, Whatis, 275 Grove Street, Newton, MA 02466. Contact: webmaster@techtarget.com Copyright 2018 TechTarget. All rights reserved.