16 Oct

5 Min read

Quantum is Knocking!

October 16, 2024 Dr. Rolf Lindemann 0 comments

Do you remember the movie Sneakers and the infamous black box labeled Setec Astronomy? That fictional device could decrypt any secret, an ability that seemed fantastic at the time. Now, quantum computers may turn that fiction into reality. These powerful machines have the potential to revolutionize our digital world, where nearly all internet communication is protected by cryptographic protocols like TLS, and our banking and payments systems rely on cryptography for card transactions and user authentication. We finally have arrived at the “too many secrets” moment hinted at in Sneakers.

Let’s dive deeper into what is driving this change, why it is urgent, and what lies ahead in this rapidly evolving space.

The Drivers

Cryptography enables us to securely encrypt information, ensuring that only authorized entities can view sensitive data, even when it is transmitted through public networks like the internet. It plays a critical role in remotely authenticating users and systems, as well as signing data to protect message integrity “at rest” and “in transit”. Essentially, cryptography is the security of the internet, since relying on dedicated communication lines without proper cryptographic protections is impractical.

Recent advances in quantum computing push the boundaries of what is possible – they are on the verge of surpassing classical computers. Certain complex problems that are challenging for classical computers can be solved more efficiently by quantum computers. The most notable example is SHOR’s algorithm, which enables quantum computers to factorize integers in polynomial time, where classical computers require exponential time. This is relevant for the RSA algorithm, which depends on the difficulty of factorization to ensure security. Note there are still (I should say: researchers believe there will be) problems which remain difficult for both classical and quantum computers, such as the “traveling salesman problem”. So in short, quantum computers are powerful, but not like the all-powerful “black box” decryption machines featured in Sneakers.

The Urgency

The NSA set 2035 as the deadline to transition to post-quantum cryptography (PQC) algorithms in national security systems. While not all systems are as sensitive as national security systems, this deadline serves as a good indicator for other industries to consider as well.

So why 2035? In the quantum computing world, performance is measured in qubits. In 2020, IBM predicted it would have a quantum computer with 1 million physical qubits by 2030. In 2023, IBM refined its projections with a more concrete plan to reach 100k physical qubits by 2033.

Current research suggests that 4,099 (fault-tolerant) qubits are sufficient to break RSA with 2048 bit keys – a widely used cryptographic algorithm today. This estimation assumes perfect fault-tolerant qubits. Since today’s quantum computers are very noisy, Quantum Error Correction (QEC) is required, and that adds a large qubit overhead, in the range of 10 – 100 or even up to 1000 physical qubits to implement a single fault-tolerant qubit. This means 40,000 to 4 million physical qubits are required to break RSA 2048. Based on current progress, experts predict that by 2035, quantum computers capable of breaking modern cryptographic algorithms such as RSA 2048 may exist. For context, quantum computers with 1180 physical qubits are available today, more than doubling last year’s 433 physical qubits limit.

While 2035 may seem far away, multiple factors drive a sense of urgency. In high security applications, cryptographic operations are often performed using hardware such as payment cards, hardware security modules, FIDO security keys, smartphones, and electronic ID cards. Hardware tends to have a longer lifetime than software. Especially devices like FIDO security keys and electronic ID cards that are expected to have a lifetime of 10 years, which means by 2025 there will be a demand for cryptographic hardware that is already enabled for PQC. While hardware devices, such as network communication devices or hardware security modules, might be able to add PQC support through firmware updates, others, such as FIDO security keys and electronic ID cards typically require hardware support that cannot be updated.

While it is sufficient to have PQC in place for signing and authentication use cases by 2035, encryption is a more urgent challenge. Known as “harvest now, decrypt later”, adversaries may be harvesting encrypted data hoping to decrypt it in the future using high-performance quantum computers. As a result, encryption solutions may need to be updated even sooner to mitigate this risk.

What Happens Next

NIST’s PQC project has made great progress with the publication of the first three PQC algorithms: FIPS 203, FIPS 204 and FIPS 205, and a fourth in the works.

This milestone provides the necessary clarity for protocol designers to add PQC to critical systems like TLS, FIDO, and payment networks. This in turn serves as the basis for security software products to implement PQC support.

For security engineers, especially those working on cryptographic hardware, this development is equally important. Hardware-level implementations require more lead time due to the complexity of securing firmware against side-channel attacks and other vulnerabilities. Designing, optimizing, producing, and certifying new PQC-ready chips requires more time and careful attention to ensure the security.

At that point we will see more proof-of-concept implementations and pilot deployments, eventually transitioning users to a new generation of cryptographic algorithms. In an ideal world users won’t even notice the transition and all the hard work that went into it.

As an inventor of the FIDO authentication protocol and a co-founder of the FIDO Alliance, Nok Nok continues to lead the way in supporting post-quantum cryptography. We closely monitor advances in PQC and actively help evolve the FIDO protocols to stay ahead of emerging threats. Nok Nok products are designed with built-in flexibility to support post-quantum cryptography, ensuring that our customers stay secure both now and in the future.

02 May

4 Min read

Friction and Fatigue = Fraud: not with Passkeys!

May 2, 2024 Nok Nok News 0 comments

Friction and Fatigue = Fraud: not with Passkeys!
Enhancing Banking Security Through Advanced Authentication: Embracing Passkeys

In today’s digital landscape, where online transactions have become ubiquitous, ensuring robust security measures within the banking sector is paramount. But users too often encounter friction in their onboarding process or just give up due to the multiple times they are asked to prove their identity.

With the proliferation of cyber threats and the increasing sophistication of malicious actors, traditional authentication methods have proven to be inadequate in safeguarding sensitive financial data. However, a transformative shift is underway, powered by advanced authentication technologies such as FIDO (Fast Identity Online), revolutionizing the way banks protect their customers’ accounts and transactions. Here, we delve into four key considerations and an outlook on how banking security is being fortified with advanced authentication, particularly through the adoption of FIDO technology:

Seamless Authentication Across Platforms
Banks have made significant strides in leveraging biometrics for native banking app sign-ins, offering users a convenient and secure authentication experience. However, this convenience is often absent when accessing banking services via web browsers, where users are still required to rely on traditional usernames and passwords. By adopting FIDO-based passkey authentication for web applications, banks can provide a consistent and frictionless user experience across all platforms, enhancing security while reducing login time and fatigue.
Streamlining Payment Approvals
The current process of approving payments during e-commerce transactions often involves app-switching or device-switching, introducing unnecessary friction and potentially impacting conversion rates. With the integration of Secure Payment Confirmation (SPC) technology, powered by FIDO authentication, users can seamlessly approve payments without the need to switch apps or devices. Initial pilots have demonstrated a significant uplift in conversion rates, underscoring the efficacy of this approach in enhancing user experience and security.
Expanding the Role of Banking Cards
Traditional banking cards are primarily designed for offline use, limiting their utility in online transactions and contributing to the prevalence of card-not-present (CNP) fraud. By incorporating FIDO security key technology into banking cards, financial institutions can extend the functionality of these cards to online transactions, providing users with a secure and convenient authentication method. This not only simplifies device migration for banking app access but also reduces reliance on vulnerable authentication methods such as SMS-based OTPs.
Optimizing User Onboarding Processes
The conventional approach to user onboarding in banking often involves ID proofing before credentialing the user, resulting in potential disruptions and drop-offs during the signup process. By reversing this order and leveraging FIDO passkeys, banks can enhance the onboarding success rate while providing a seamless user experience. Passkeys eliminate the need for passwords altogether, further streamlining the authentication process and ensuring a smoother transition for new users.

Outlook: Shifting Towards FIDO-Based Authentication

The authentication landscape is undergoing a paradigm shift, transitioning from traditional methods like passwords and OTPs to FIDO passkeys. This evolution is driven by the need for stronger security measures, improved user experience, and compliance with regulatory requirements such as PSD2 and SCA. As banks embrace FIDO technology, they stand to benefit from enhanced security, reduced friction, and greater flexibility in authentication methods.

Where can you find the cross platform, streamlined but secure onboarding for your banking applications – Nok Nok. As one of the creators of FIDO-based authentication credentials, Nok Nok offers passwordless sign-up and sign-in to online services. Nok Nok™ solutions are built from the ground-up leveraging FIDO standards and offer the most comprehensive passkey support to meet the widest range of use cases.

In conclusion, FIDO-based authentication holds the key to fortifying banking security in an increasingly digital world. By embracing advanced authentication technologies and prioritizing user experience, banks can stay ahead of evolving threats and provide their customers with the peace of mind they deserve in their financial transactions.

17 Nov

4 Min read

Missing the Forest for the Trees

November 17, 2023 Jackie Comp 0 comments

New technologies, especially those that are transformational, get scrutinized – that’s normal. The benefits need to be carefully understood along with any potential drawbacks. The danger to progress however, results from an imbalance in focus … when we place too much emphasis on “edge cases” at the sacrifice of all the benefits.

We miss the forest for the trees.

Passkeys are a perfect example. Passkeys (aka passwordless FIDO credentials) are transformational as an authentication approach. They are phishing-resistant, easy to use, and future proof (open standard supported by the ecosystem). While they are still new to most users, passkeys will quickly become the preferred method of authentication in the same way most users happily adopted Touch ID and Face ID when offered for app sign-in.

Simply put, passkeys are more secure and more convenient than passwords and one-time passwords (OTP):

Keys cannot be “phished” (there is no “secret” to share)
Fake sites (man-in-the-middle attacks) will fail because they do not have the appropriate private key to impersonate a user.
Attacks don’t scale because the attacker must physically have the user’s device where the private key is stored, as well as their user verification method (fingerprint, face recognition, etc).
Users don’t need to remember complex passwords or fumble with OTPs — they just sign in with a swipe or look into the camera. The complexity of the private/public keys is behind the scenes.

Although passkeys are vastly more secure and greatly improve the user experience, the attention seems to be focused on the “edge cases” that make them not “perfect”.

Edge Case #1: Unclear how the synced key is protected – what if it is compromised. Synced passkeys may be stored by platform providers like Apple and Google, or they may be protected by password managers. That is no different from passwords. The big difference, however, is that passwords can be easily phished and stolen. While password managers can help prevent phishing, not everyone uses one. Also, the relying party cannot tell if they are using a password manager or how strong the password really is. With passkeys the phishing resistance doesn’t depend on user behavior. It is guaranteed by the standard. And to steal someone’s passkey you’d have to take over their account or trick a provider to restore a key to your device, which is orders of magnitude more difficult to achieve. Is it possible, yes, but the current risk with passwords is far greater.
Edge Case #2: The transport security of the keys is unknown. The protocol may be proprietary to the provider, however the large providers strongly encrypt the passkeys and synchronization of passwords to the cloud uses proprietary protocols, too.
Edge Case #3: The key may have been shared (“AirDropped”). This is true, a user can air drop their passkey to another user. It is also true, however, that someone can just as easily share their password. And, unlike passkeys, passwords can be easily guessed making them much more vulnerable.

Understanding risk is important, but not at the expense of gain.

Imagine all the doors and windows in your house with flimsy padlocks that can be easily snapped off with one kick. You have the opportunity to replace them with a high-security deadbolt system that is resistant to being kicked in. However there is one very tiny window on your 3rd floor that would require a 30 ft ladder and gymnastics across your roof for a thief to reach, but it cannot leverage the new lock system. Since you can’t secure that one window, you decide not to secure any of them.

That’s missing the forest for the trees.

The bottom line is even if you change nothing else, you are greatly reducing your attack surface by implementing passkeys to replace passwords wherever possible. For regulated markets that typically require MFA with strong device binding, you can combine device-bound passkeys with synced passkeys, creating a “trust anchor” to deal with the 3rd floor window.

Nok Nok has all the capabilities and expertise to help you on your journey through the enchanted forest.

10 Nov

3 Min read

Nok Nok’s FedRAMP High Journey: Next Step in Federal Cybersecurity

November 10, 2023 Nok Nok News 2 comments

In the world of cybersecurity, the federal government sets some of the most stringent requirements for its suppliers. It’s a landscape where only the best can thrive, and Nok Nok, a pioneer in Fast IDentity Online (FIDO) authentication solutions, has emerged as an important supplier. The company recently achieved the coveted Federal Risk and Authorization Management Program (FedRAMP) High authorization through its partnership with UberEther’s IAM Advantage. This achievement follows its DoD Impact Level 5 (IL5) achieved in 2022 and marks a significant milestone in delivering top-notch cybersecurity to federal agencies, partners, and citizens.

Here are the key takeaways from this latest achievement:

1. Federal Government’s Uncompromising Cybersecurity Standards

The federal government has long been known for its uncompromising cybersecurity standards. In response to the 2021 White House Cybersecurity Executive Order and the subsequent call from US Government CISO Jen Easterly for advanced Multi-Factor Authentication (MFA) based on FIDO standards, the demand for cutting-edge cybersecurity capabilities has never been higher. The government is leading the way in adopting the best of breed cybersecurity measures, making it crucial for suppliers to meet these advanced cybersecurity requirements.

2. Nok Nok’s Unique Position: FIDO and More

Nok Nok’s unique position as one of the original creators of FIDO standards sets it apart. The partnership with UberEther has enabled Nok Nok to provide federal agencies with phishing-resistant MFA that not only meets DoD Impact Level 5 (IL5) and FedRAMP High certifications but also complies with the Federal Information Processing Standards (FIPS) and National Institute of Standards and Technology (NIST) standards. This combination of expertise and collaboration empowers federal agencies to meet the highest levels of security and regulatory requirements seamlessly.

3. Streamlining Phishing-Resistant Authentication

Nok Nok’s MFA solution offers an effortless and convenient alternative to traditional Personal Identity Verification (PIV) and Common Access Card (CAC) methods. Leveraging the public key cryptography capabilities of modern endpoint devices such as smartphones and PCs as well as security keys, the solution eliminates the need for additional drivers, middleware, or browser plugins. This approach provides a secure and user-friendly way for employees, contractors, and citizens to access information, all while reducing the vulnerabilities and costs associated with password management.

In Conclusion:

Nok Nok and its partnership with UberEther are at the forefront of delivering advanced cybersecurity solutions to the federal government, setting the gold standard for phishing-resistant MFA. With FedRAMP High authorization, FIPS and NIST compliance, and adherence to FIDO standards, Nok Nok and UberEther are ensuring the highest level of security for federal agency employees, contractors, and citizens. As the digital era continues to evolve, Nok Nok is committed to transcending traditional boundaries and meeting the dynamic cybersecurity needs of our modern society.

28 Jun

3 Min read

Reduce Cart Abandonment with Passkey Authentication

June 28, 2023 Matt Lourie 0 comments

Reduce Cart Abandonment with Passkey Authentication

Matt Lourie, Sr. Director of Engineering

Passkey authentication is a solution to streamline the login and registration process, enhancing the overall user experience.

Developers of e-commerce web applications constantly face the challenge of improving user experience and increasing conversion rates. One common issue that online businesses struggle with is shopping cart abandonment. This blog explores the impact of complex login processes on cart abandonment rates and introduces passkey authentication as a solution to streamline the login and registration process, enhancing the overall user experience.

The Problem With Shopping Cart Abandonment

A recent study conducted by the FIDO Alliance sheds light on the significant losses faced by online retailers in the U.S. due to complex login processes. The survey found that 58% of shoppers abandon their carts and halt their purchases due to difficulties encountered during the sign-in process. Password-related frustrations, such as forgetfulness or the need to create new accounts, deter consumers from completing transactions. Additionally, 28% of respondents expressed that the hassle of setting up and remembering new passwords would discourage them from signing up for a new account. The study reveals a clear need for a simpler and more convenient authentication solution.

The Power of Passkeys

Passkeys offer a practical solution to address the challenges associated with complex login processes. Passkeys are a new and better way of signing in to websites and apps without passwords. They are unique digital keys that are stored on your device and verified with your biometric sensor, such as your fingerprint. Passkeys are more secure and convenient than passwords because they can’t be reused, guessed, or stolen.

In the study, consumers expressed a preference for on-device biometrics, such as fingerprint or facial recognition, as alternatives to passwords. These methods were perceived as quicker and easier to use, with 68% believing they were more expedient than traditional two-factor authentication. Retailers that offer on-device authentication were seen as more invested in customer experience, privacy, and security, and were more likely to be recommended to others. Passkeys help retailers stand out from competitors and create a positive brand image.

By eliminating the need for users to remember multiple login credentials, passkeys significantly enhance the overall user experience and encourage repeat visits. Users no longer have to struggle with password-related frustrations, leading to increased customer satisfaction and reduced cart abandonment rates.

Nok Nok Makes Implementing Passkeys Easy

Contrary to popular belief, implementing passkey authentication doesn’t require extensive coding or technical expertise. To help web developers, we have created a comprehensive video tutorial as part of our learning series. Our video tutorial demonstrates the step-by-step process of adding passkey authentication to your web app. Watch our video today, sign up for a free trial, and unlock the potential of passkeys to boost your conversions and improve customer satisfaction!

13 Apr

7 Min read

Nok Nok Expands S3 Authentication Suite

April 13, 2023 Nok Nok News 0 comments

Nok Nok Expands S3 Authentication Suite to Meet the Needs of Government, Regulated, Payment, and E-Commerce Organizations

New capabilities include regulatory compliance and risk management, synced passkeys, secure payment confirmation, and more

San Jose, CA – April 13, 2023 – Nok Nok , a leader in passwordless authentication for the world’s largest organizations, today announced the latest release of the Nok Nok™ S3 Authentication Suite (S3 Suite) that delivers four new capabilities designed to meet the needs of regulated industries, payments markets, and e-commerce organizations. For government organizations or highly regulated industries such as healthcare, finance, and insurance, the new offering simplifies the ability to comply with security and regulatory requirements, including identifying known and unknown devices. Additional new features help e-commerce organizations reduce friction for consumers. Payment companies will also benefit with new features in the S3 Suite that address Secure Payment Confirmation (SPC) for approving high value financial transactions in web browsers.

With the increasing rise in cyber threats, security professionals are faced with heightened complexity. Not only are they navigating how to implement best practices and respond to federal mandates as they develop, but they also must be responsive to their own users and consumers without preventing their access to services or causing user friction. Organizations that are highly regulated industries are also under enormous pressure and must be prepared to respond to and comply with government and industry regulations. The Nok Nok S3 Suite leverages a wide range of authenticators, including biometric and non-biometric modalities to help meet regulatory compliance, address NIST SP800-63 and SP800-157 standards, and support various authentication needs. By integrating with an organization’s security solutions, the S3 Suite provides additional contextual information and leverages scores provided by external risk engines and behavioral biometric systems.

“The war against cyber criminals has not let up and the job of being a security professional continues to be more difficult as new mandates from the White House have been added to the list of compliance requirements. And if you are an international organization, EU and Asia requirements add to the compliance complexity. We are excited to address these compliance needs and broaden the reach of our technology into these regulated markets. Organizations operating in finance, enterprise, e-commerce and government are up against increased pressure to comply and regulation is only expected to become more stringent in the years to come,” said Phil Dunkelberger, CEO of Nok Nok. “We co-founded the FIDO Alliance to make it easier to implement strong, passwordless authentication solutions for consumers and enterprises. Now, we are expanding our offering to companies in key regulated sectors that need to be able to quickly and efficiently respond to the evolving regulations coming from the US and foreign governments.”

New government and regulated industry support includes:

Passkeys. With the rise in adoption of synced passkeys, regulated organizations need to be able to understand whether users are using their passkey with a known device or on a new device. When new devices are introduced for the first time, regulated organizations typically need to trigger additional verification steps to ensure the device belongs to the legitimate user. With the Nok Nok S3 Suite v9, organizations can easily configure authentication rules that detect the use of new devices and configure methods in order to verify whether the device is used by the legitimate user.
Support for Security Key Tracking and Inventory. New capabilities allow organizations in highly regulated industries such as healthcare, insurance and banking, to monitor and track users that are using the security key(s) they were given by their employer. With these new product features, organizations can “attest” that a user is using the security key they were issued – not a third party key – and meet security and regulatory requirements.

New E-Commerce and Consumer support includes:

Synced passkeys. Asking users to provide a password reduces enrollment conversion rates and requiring a password at checkout negatively impacts the checkout conversion. Today’s release of the S3 Suite with synced passkey features allows consumers from any of their devices to access e-commerce sites by easily signing in using biometrics instead of using a password. Additionally, the synced passkey feature enables merchants to reduce friction at sign-up, making it easier to engage personally with the customer, enroll them in loyalty programs, automate billing, and collect specific data which has become more difficult with 3rd party cookies being deprecated.

New Payment support includes:

Secure Payment Confirmation. While today’s strong customer authentication two-step-verification is more secure, it is still perceived as inconvenient to the consumer. The introduction of W3C Secure Payment Confirmation (SPC) into the S3 platform is similar to integrating a POS terminal into your browser that allows the user to use device biometrics instead of a card and (one-time) PIN. Support for SPC has been added to the EMVCo 3D Secure specification that is widely used for online card payments. For customers in the buying process, SPC dramatically cuts down on friction. This new SPC method extends the existing transaction confirmation capabilities of the Nok Nok S3 Suite making it the first choice for banks, payment service providers, and e-commerce merchants intending to implement delegated authentication.

“We have heard it said many times, removing passwords can improve time and effort spent handling password resets and account lockouts ; it reduces friction and improves the user experience, and it can drastically reduce risk,” said Jack Poller, senior analyst Enterprise Strategy Group. “As easy as it sounds, the complexity of replacing passwords while still staying compliant in regulated industries or meeting government regulations can be very complicated. Leveraging its history delivering FIDO-based strong authentication into enterprise and consumer markets, Nok Nok rolls out a set of capabilities that will ease the replacement of passwords in some of the most demanding environments. IT and security operations are trying to handle increased complexity in their environments every day; standards-based, passkey solutions should be high on their lists for first defense.”

The Nok Nok S3 Authentication Suite includes an Authentication Server and App SDKs for mobile, web and smartwatch applications. It leverages the security capabilities already present on a user’s device to bring strong and convenient authentication to any application. The S3 Suite enables organizations to easily turn a user’s device into a strong, multi-factor authentication method through support for all FIDO protocols, including passkeys.

With the S3 Suite’s rich set of capabilities, organizations can support the full customer lifecycle from frictionless on-boarding, progressive profiling, easy bootstrapping of new devices, account recovery, suspension and deprovisioning of users, to call center authentication support.

Press assets:

Learn more about the latest Nok Nok Authentication S3 Suite.

About Nok Nok

Nok Nok is a leader in passwordless customer authentication and delivers the most innovative FIDO (Fast IDentity Online) solutions for the authentication market today. Nok Nok empowers organizations to dramatically improve their user experience and security, and reduce operating expenses, while enabling compliance with the most rigorous privacy and regulatory requirements. The Nok Nok™ S3 Authentication Suite integrates into existing security environments to deliver proven, FIDO-enabled passwordless customer authentication. As a founder of the FIDO Alliance and an innovator of FIDO standards, Nok Nok is an expert in next-level, multi-factor authentication. Nok Nok’s global customers and partners include AFLAC Japan, BBVA, Carahsoft, Fujitsu Limited, Hitachi, Intuit, Mastercard, MUFG Bank, NTT DATA, NTT DOCOMO, Standard Bank, T-Mobile, and Verizon.

For more information, https://noknok.com/.

10 Mar

2 Min read

Passkeys Webinar

March 10, 2023 Nok Nok News 0 comments

Nok Nok, Trusona, and the FIDO Alliance invite you to a passkeys webinar. Join Nok Nok’s VP Products Rolf Lindemann, Trusona’s CTO John Summers, and the FIDO Alliance’s Andrew Shikiar, Executive Director and CMO for a passkeys webinar streaming through ZOOM on March 28, 2023 at 9am PT. Top Considerations for Supporting Passkeys In Your Digital Business is designed for digital business leaders and product owners looking to gain a better understanding of the benefits of passkeys and their practical implementation in a digital service.

The panel will discuss the immediate readiness of passkeys and the effort required to support them, along with the UX challenges across multiple user journeys. Additionally, they will explore various deployment options and help attendees get started quickly on their passkey journey.

Key takeaways:

• Passkeys have material business value (e.g. auth success, reduced ATOs, etc.)
• Passkeys require an infrastructure to support
• You can get started today
• Partners can ensure a successful passkey implementation

Mark your calendars for 9am PT on Tuesday, March 28, 2023 and register now for this passkeys webinar, a critical discussion about the value of passkeys.

Nok Nok is the trusted leader in passwordless consumer authentication for the world’s largest organizations. Delivering the most innovative authentication solutions in the market today, Nok Nok empowers global organizations to improve the user experience to access digital services while meeting the most advanced privacy and regulatory requirements. Learn more about Nok Nok here.

Trusona was founded with a simple promise: know who’s on the other end. Since 2015, they’ve helped companies achieve higher levels of assurance in digital identity by moving beyond the vulnerabilities of traditional username/password authentication to passwordless identity authentication. Learn about Trusona here.

The FIDO Alliance is an open industry association with a focused mission: authentication standards to help reduce the world’s over-reliance on passwords. The FIDO Alliance promotes the development of, use of, and compliance with standards for authentication and device attestation. Learn more about the FIDO Alliance here.

05 Jul

3 Min read