October 22, 2014 -
The FIDO (Fast IDentity Online) Alliance announced that Google Chrome has become the first web browser to implement support for FIDO Alliance authentication standards.
Google is strengthening its two-step verification by offering support for Security Key, a FIDO Ready U2F compliant physical USB second factor device that provides an easier and stronger alternative to six digit one-time passcodes.
Now, instead of typing in a code, users simply inserts a Security Key into their computer’s USB port and taps it when asked to do so in the Google Chrome browser.
By signing into a Google Account using this method, users have the assurance that their second factor cannot be phished since security key does not provide its cryptographic signature in the event that a fraudulent site tries to forge a Google sign-in page in Chrome.
By incorporating the open FIDO Universal 2nd Factor (U2F) protocol, Google Chrome has paved the way for other websites with account login systems to now incorporate support for FIDO U2F into their web applications and thereby providing the same level of security for their users who run Chrome.
Security Key works with Google Accounts for free, as long as users purchase a compatible USB device directly from any tested and approved FIDO Ready U2F vendor.
“We congratulate Google for making FIDO U2F authentication an option for their users,” said Michael Barrett, president of the FIDO Alliance. “With large scale deployments of FIDO UAF in payments applications from PayPal, Samsung, AliPay, Nok Nok Labs, and Synaptics, and today’s announcement of FIDO U2F authentication by Google, there is no doubt that a new era has arrived. We are starting to move users and providers alike beyond single-factor passwords to more secure, private, easy-to-use FIDO authentication.”
Many FIDO Alliance members have made their product lines of FIDO Ready devices compatible with Google’s Security Key feature as well as any future deployments of FIDO U2F authentication.
These FIDO Ready devices enable online service providers, enterprises, and users to benefit from FIDO U2F authentication.
A range of FIDO Ready devices, authenticators, open source solutions, and servers can be purchased from several vendors, including Duo Security, Entersekt, Infineon, NXP, Nok Nok Labs, Plug-up International, ST Microelectronics, Sonavation, StrongAuth, SurePassID and Yubico.
Previously reported, FIDO Alliance president Michael Barrett recently said that the organization’s biometric authentication technology has a greater chance of being adopted than its competitors.