FIDO Alliance talks 2019 achievements and biometrics adoption in new report
FIDO Authentication with biometrics or physical tokens for strong, seamless web logins is ready to be deployed on billions of consumer devices around the world, FIDO Alliance says in its 2019 report released last week.
In 2019, FIDO partnered with platforms and web browsers to support FIDO Authentication, which allows websites to use FIDO-based logins through an API on consumer devices.
Some of the organization’s notable achievements for 2019 include the Web Authentication (WebAuthn) specification being accepted as an official web standard, making the option to log in to web services and apps with biometrics, mobile devices, or FIDO security keys an official W3C web standard. Other top highlights of 2019 include generally available FIDO2 browser support for Google Chrome, Microsoft Edge, Mozilla Firefox , Apple Safari and Opera, FIDO2 certification for Windows Hello which allows Windows 10 users to access their devices through Windows Hello biometrics or PINs, and FIDO2 certification for Google’s Android 7.0+ platform.
“We know that realizing the FIDO Alliance’s mission to move the world beyond the password ‘shared secret’ model of authentication requires making FIDO a ubiquitous feature across all of the devices, operating systems and browsers we use every day. Given the platform enablement progress of this year, we are well on our way to that ubiquity,” said Andrew Shikiar, executive director and chief marketing officer of the FIDO Alliance. “Never before have service providers and developers had the ability to enable convenient, cryptographically secure authentication to a user base this broad. Service providers are now taking advantage of these new capabilities on a global scale.”
A growing number of service providers rolled out in 2019 FIDO Authentication across mobile and web. Some noteworthy achievements include FIDO passwordless authentication for Intuit mobile apps, which allegedly reduced sign-in time by 78 percent when compared with SMS-based multi-factor authentication and registered a 99.9 percent authentication success rate , FIDO paswordless sign-in for Microsoft’s Azure Active Directory, NTT DOCOMO introduced ‘d Account’ passwordless authentication which lets users use FIDO biometric authentication instead of password logins, the General Services Administration (GSA) introduced FIDO authentication for login.gov, the National Health Service in the United Kingdom released two pieces of open source code that developers can use to add biometric security for app login, such as facial or fingerprint recognition, Google rolled out biometric authentication for some services on Android devices leveraging FIDO2 standards, FIDO CTAP, and WebAuthn, and Line Pay was the first mobile payment app to support FIDO2.
In June, FIDO Alliance announced new standards and certification initiatives to automate secure IoT device onboarding without passwords, and to strengthen identity verification and binding. The organization also formed two new working groups the Identity Verification and Binding Working Group (IDWG) and the IoT Technical Working Group (IoT TWG) responsible with guidelines and certification criteria.
FIDO Alliance added new members in 2019 including AdNovum Informatik AG, FIME SAS, the government of Thailand, IBM, IDNow, Imagination Technologies, Intuit, Jumio Corporation, the Mitre Corporation, Phoenix Technologies, Ping Identity, and Secure Identity.
In 2020, the FIDO Alliance plans to introduce a new conference called Authenticate, which will take place in June in Seattle.