What is FIDO (Fast Identity Online)? - Definition from WhatIs.com

Definition

FIDO (Fast Identity Online)

Part of the Authentication glossary:

FIDO (Fast ID Online) is an open standard for a secure and easy-to-use universal authentication interface created to address the lack of interoperability among strong authentication devices.

The FIDO standard supports multifactor authentication and strong features like biometrics. FIDO stores supporting data in a smartphone to eliminate the need for multiple passwords. FIDO is much like an encrypted virtual container of strong authentication elements including: biometrics, USB security tokens, Near Field Communication (NFC), Trusted Platform Modules (TPM), embedded secure elements, smart cards and Bluetooth. Data from authentication sources is used for the local key, while the requesting service gets a separate login to keep user data private.

FIDO works through two different protocols for two different user experiences. The Universal Authentication Framework (UAF) protocol allows the user to register an enabled device with a FIDO-ready server or website. Users authenticate on their devices with fingerprints or PINs, for example, and log in to the server using a secure public key. The Universal Second Factor (U2F) protocol is designed to authenticate users with a strong second factor, such as a USB touchscreen key or an NFC tap on a mobile device.

FIDO's local storage of biometrics and other personal identification is intended to ease user concerns about personal data stored on an external server or in the cloud. By abstracting the protocol implementation, FIDO also reduces the work required for developers to create secure logins.

FIDO is developed by the FIDO Alliance, a non-profit organization formed in 2012.  Alliance board-level members include ARM, Blackberry, Google, Master Card, Microsoft, PayPal, Samsung, Synaptics and Visa.

This was last updated in December 2014
Contributor(s): Matthew Haughn, David Strom
Posted by: Margaret Rouse

Related Terms

Definitions

  • rainbow table

    - A rainbow table is a listing of all possible plaintext permutations of encrypted passwords specific to a given hash algorithm. Rainbow tables are often used by password cracking software for networ... (WhatIs.com)

  • single-factor token

    - A single-factor token is a small hardware device that produces one confirming credential for user authentication; the devices may be used in conjunction with other types of credentials for multifac... (WhatIs.com)

  • multifactor token

    - Multifactor tokens are security tokens that use more than one category of credential to confirm user authentication. The standard categories of authentication credentials are knowledge factors thi... (WhatIs.com)

Glossaries

  • Authentication

    - Terms related to authentication, including security definitions about passwords and words and phrases about proving identity.

  • Internet applications

    - This WhatIs.com glossary contains terms related to Internet applications, including definitions about Software as a Service (SaaS) delivery models and words and phrases about web sites, e-commerce ...

Ask a Question About FIDO (Fast Identity Online)Powered by ITKnowledgeExchange.com

Get answers from your peers on your most technical challenges

Tech TalkComment

Share
Comments

    Results

    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.