What Makes FIDO Different?
What’s different about the FIDO approach?
The majority of solutions ask the user to remember a selection of security questions in addition to a main password, and potentially to use a software or hardware token as well. These solutions are impossible to scale because they rely on users to remember the given answers, because users reuse passwords across various accounts, and because once one account is compromised, that reuse is likely to have a negative effect on the security of the user’s other accounts.
Spearphishing attacks play on users' familiarity with frequently visited websites, misleading users into entering account information by presenting a duplicate of a 'trusted' site.
On the other hand, successful attempts to address the problem rely on custom applications. These proprietary efforts are expensive to roll out and to sustain, and any compromised system requires an overhaul of the custom application and devices.
The FIDO Alliance approach is to streamline the authentication process for the personal and business user across platforms and proprietary devices.
The FIDO Alliance believes the online and authentication ecosystem needs a standardized, global protocol and the necessary interfaces to allow a business to support authentication solutions appropriate to the risk, based upon the kind of transaction being executed and the value of the data involved. The FIDO protocol will allow the interaction of technologies within a single infrastructure so security options can be tailored to the distinct needs of each user and organization. The range of technologies supported by the FIDO protocol will include biometrics such as fingerprint scanners, voice and facial recognition, as well as existing authentication solutions such as Trusted Platform Modules (TPM), Near Field Communication (NFC), One Time Passwords (OTP) and many others. The protocol is designed to be extensible and to accommodate future innovation in this area, while protecting existing investments.