The FIDO (Fast IDentity Online) Alliance has published final 1.0 drafts of its two specifications – Universal Authentication Framework (UAF) and Universal 2nd Factor (U2F).
The specifications outline a new standard for devices, servers and client software, including browsers, browser plugins, and native app subsystems. Any website or cloud application can interface with a broad variety of existing and future FIDOenabled authenticators, ranging from biometrics to hardware tokens, to be used by consumers, enterprises, service providers, governments and organizations of all types.
"Today, we celebrate an achievement that will define the point at which the old world order of passwords and PINs started to wither and die," said Michael Barrett, president of the FIDO Alliance. "FIDO Alliance pioneers can forever lay claim to ushering in the ‘post password’ era, which is already revealing new dimensions in Internet services and digital commerce."
FIDO specifications define an open, scalable, interoperable set of strong authentication mechanisms that reduce the reliance on singlefactor username and password login.
The importance of this is amplified following recent a recent Verizon report which found that weak or stolen login credentials were a factor in more than 76% of the breaches analysed.
While the core 1.0 specifications are final, the FIDO Alliance is nearing completion of extensions that will incorporate Near Field Communications (NFC) and Bluetooth into the range of FIDO capabilities.
"Our members’ determination, cooperation and tireless perseverance have delivered this landmark accomplishment in less than two years from announcing the FIDO Alliance and its goal to develop industry open standards for interoperable, privacyrespecting strong authentication," said Brett McDowell, executive director of the FIDO Alliance.
"I applaud and congratulate the members of the FIDO Alliance on these accomplishments, and look forward to our continued collective effort to bring FIDOenabled experiences to the global marketplace in 2015 and beyond."