FB pixel

Certification process for FIDO Authenticators demystified by Veridium

Certification process for FIDO Authenticators demystified by Veridium
 

Certification testing for FIDO Alliance standards is a topic of increasing focus around the industry, and for those preparing for or considering starting the process, a presentation at Authenticate 2022 provided ‘A Gentle Introduction to Certification of a Cross-Platform FIDO2 Authenticator.’

Veridium CTO John Callahan was joined by the company’s Alex Encica, a senior developer, in a pre-recorded video to explain what happens during the interoperability test.

FIDO Certification provides assurance that a given technology is conformant with the standards, that it meets customer requirements, as well as interoperability with other certified products, compliance with regulations, and validation.

Callahan outlined the benefits of FIDO certification for businesses and their customers, and provided an outline of the steps involved in becoming certified.

The technical aspects of that process, conformance self-validation and interoperability testing, were the focus of the presentation.

There are five levels for Authenticators. Software authenticators dealt with at Level 1, which is what Veridium went through for its iOS and Android SDKs.

While the conformance self-validation is the entry point to certification, “but before that, a lot of preparation is required,” Callahan cautions.

Registering for interop events, reviews of all relevant materials, and an implementation of the FIDO2 demonstration app with the SDK are necessary, metadata should be constructed and a vendor questionnaire submitted for each technology being certified. WebAuthN testing and downloading the self-validation testing tool are also important parts of the preparation.

Callahan demonstrated a walk-through of using the conformance testing tool, sharing details on what technology providers can expect and things to watch out for during the process. Videos demonstrating the setup and biometric authentication checks of the interop test, including how to register new keys, followed.

The resulting Interop report must be submitted, along with some additional paperwork, to apply to the FIDO Alliance for certification. Finally, metadata must also be posted to the FIDO registry.

The FIDO Alliance also recently launched a certification program for document authenticity checking.

Article Topics

 |   |   |   |   |   | 

Latest Biometrics News

 

‘Facial recognition is the easy part’: digital travel ID pilot results are in

Air travel has been getting more complicated. From security and passport checks to special documents such as COVID-19 certificates, passengers…

 

Worldcoin expands to Ecuador, set to resume in Kenya and Portugal

Chalk up a win for Worldcoin in Kenya, where authorities have dropped their investigation into the iris biometrics and digital…

 

Corsight, Segdboa supply facial recognition to São Paulo military police

Corsight AI has partnered with Segdboa to provide the São Paulo Military Police with advanced facial recognition technology, with the…

 

Vote begins on biometric injection attack standard

Europe’s standard for biometric data injection attacks is on track to be published in October of this year, and could…

 

Idex, Zwipe each strike biometric access card deals

Norway-based Idex Biometrics‘ access control system has received an integration order for biometric access cards, while fellow Nordic developer Zwipe…

 

Indonesian ports automate with HID FRT to reduce wait times

A case study from HID breaks the deployment of its facial recognition technology (FRT) for automated border control by Indonesian…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Read This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events