FIDO Alliance – Better Multi-Factor Authentication

FIDO alliance

A day doesn’t go by without an information security incident in news about a large website being hacked and user 1000’s (if not millions) of accounts being compromised.  The recent discovery of over 1 billion passwords in the hands of cybercriminals is a perfect case in point.  Passwords are a nearly 60 year old authentication technology that is commonly failing us and the beg for a better solution. Passwords only offer you one factor (way or method) to authenticate verses many other less frequently deployed options. Thankfully, there are more secure alternatives such as multi-factor authentication. Multi-factor authentication goes well beyond the simple password by offer several more ways for us to authenticate while improving security. But before we continue let’s define multi-factor authentication:

Wikipedia defines multi-factor authentication as:
Multi-factor authentication (also MFA, two-factor authentication, two-step verification, TFA, T-FA or 2FA) is an approach to authentication which requires the presentation of two or more of the three authentication factors: a knowledge factor (“something only the user knows”), a possession factor (“something only the user has”), and an inherence factor (“something only the user is”).

MFA of the Past

MFA has been around for a long time. The problem was there were expensive, difficult to deploy, non-standardized and based on closed source proprietary technology. Economics, lack of interoperability and openness made these MFA options a choice only for medium and large organizations with huge budgets to support it. No so anymore.

Enter FIDO

An industry consortium called the FIDO (Fast Identity Online) alliance is endeavoring to solve this issue by make web authentication easier, less expensive and more secure. Stronger, simpler authentication via an open industry standard with a myriad of devices. Among the members are: ARM, Bank of America, BlackBerry, Google, Lenovo, Mastercard, Microsoft, PayPal, RSA, Samsung, Visa, Yubico.

The FIDO alliance adeptly describes it self in its mission statement:

  • Developing technical specifications that define an open, scalable, interoperable set of mechanisms that reduce the reliance on passwords to authenticate users.
  • Operating industry programs to help ensure successful worldwide adoption of the Specifications.
  • Submitting mature technical Specification(s) to recognized standards development organization(s) for formal standardization.

Standards Based, Open, Interoperable, Many Options

These parties are attempting to envision a world where authentication is easier and more secure than past single factor drab, hackneyed password. To that end they are working with many different companies in the security space such as biometrics, tokens, TPM (Trusted Platform Modules, eSE (embedded security elements), smart cards, or even your smartphone.

Authentication for Tomorrow

The FIDO alliance represents an opportunity for market forces, open standards and inexpensive hardware/software to re-imagine authentication. Many FIDO MFA options are currently supported and many are on the way. Keep an eye out for support on your devices and ask those cloud providers and websites you work with everyday to support this promising technology. Together we hopefully see the move toward a simpler and more secure future.  Learn more about FIDO at their website.

Joseph P. Guarino has a long history of producing business results with the application of information technology. Joseph's expertise span over 15 years in the private sector at leading technology firms and consulting organization. With Evolutionary IT, he saw a market need to bring his transformative knowledge and expertise to firms in the New England area and worldwide. Joseph is driven by a strong desire to see customer's thrive with the best business solutions. Evolutionary IT evolved out of this desire to bring a new level of quality IT solutions, align them with business goals and give customer's a competitive edge.
Posted in SecurityTagged , , , ,  |  7 Comments

7 Responses to "FIDO Alliance – Better Multi-Factor Authentication"

Leave a reply