Fido Authentication Features

Simpler, stronger authentication with FIDO U2F, UAF, and FIDO2 solutions

DIGIPASS FX1 BIO

Unrivalled user experience

Passwordless Solution

Eliminating passwords improves usability. Remove friction and deploy stronger, more convenient authentication with fingerprint biometrics.

Intuitive to use

DIGIPASS FX1 BIO is intuitive to use. To authenticate, users simply scan their fingerprint.

Do business, anywhere, anytime

Log on with confidence anywhere, anytime, on any device.

Different connection options

While DIGIPASS FX1 BIO can be connected to a desktop via USB, it is also Bluetooth/NFC-enabled. This means it works seamlessly with any laptop, desktop computer, tablet, or phone, to ensure maximal user adoption.

Cost-efficient solution

Reduce operational expense

FIDO eliminates the need for password resets and the associated support costs. With the reduction in password-related issues, IT support teams spend less time addressing user password-related problems.

FIDO also allows for one device to manage multiple service specific key pairs. This, simplifies user authentication management and reduces administrative costs.

Future proof security investment

The FIDO Alliance continually updates its standards and specifications to address new security challenges and evolving threats. As a result, FIDO-based solutions can adapt to and protect against emerging security risks. FIDO supports multiple authentication factors, including biometrics and PINs. This flexibility enables organizations to adapt to changing security requirements and user preferences.

Choose a scalable solution

FIDO can scale to accommodate the growth of an organization without significant increases in operational costs or complexities. This scalability ensures that security investments remain effective as organizations expand.

Easy to manage and integrate

Mitigate social engineering fraud

DIGIPASS FX1 BIO is a phishing-resistant authenticator that enables passwordless authentication. The device works in connected mode, so one-time passwords are never disclosed. As there are no passwords to phish, organizations are less vulnerable to attacks that rely on passwords, such as adversary-in-the-middle and adversary-in-the-browser attacks, account takeover, and replay attacks.

Stronger authentication with FIDO key pairs

FIDO replaces traditional username-password combinations with cryptographic key pairs which are more secure and less susceptible to common vulnerabilities like password theft, phishing, and brute-force attacks. FIDO uses a private/public key pair for authentication. This means that even if the public key is compromised, unauthorized access is virtually impossible as the private key is secure. The private key stays on the user's device, and it can only be unlocked through user action.  

FIDO's two-way verification process checks the match between the private key on the user's device and the public key on the service's server, offering a robust authentication mechanism. This method offers stronger protection compared to code-based verification methods like SMS and one-time passwords (OTPs).

Enhanced security

Works with any FIDO2-enabled service

DIGIPASS FX1 BIO supports the FIDO2 protocol and works out-of-the-box with any FIDO2-enabled service, ensuring a faster time to market.

Easy to setup

DIGIPASS FX1 BIO works in connected mode via USB, Bluetooth, and NFC. Users simply plug in the device via USB. To enable Bluetooth, the device must be paired to the user’s mobile, PC, or other device of choice.

Upon first use, you users will be asked to set a PIN code and register their fingerprint. After the PIN is set, users can log on to any FIDO2-enabled service. No additional drivers need to be installed, ensuring a frictionless and intuitive user experience and, resulting in higher user adoption.

Mobile Security Suite with FIDO (FIDO UAF)

Security

FIDO UAF Certified

Mobile Security Suite with FIDO is a FIDO UAF certified solution.

Eliminates Shared Secrets

FIDO protocols use asymmetric public key cryptography. At registration, a private and public key pair is generated and the private key never leaves the device. As such, there are no server-side secrets to steal. There is also no linkability between services, which means that no information is provided that would allow user tracking.

Biometrics

Biometrics are never stored or matched on servers, and can only be stored and matched on a consumer’s device. 

Additional Risk Scoring Security Features

FIDO capabilities are offered as part of the OneSpan Mobile Security Suite. This is a comprehensive developer toolkit (SDK) that natively integrates application security, FIDO authentication, and electronic signing into mobile applications. The Mobile Security Suite provides FIDO authentication and much more, including features such as geolocation, jailbreaking, device binding, and secure storage. 

App Shielding

Protect native apps against sophisticated mobile malware through app shielding and Runtime Application Self-Protection (RASP). Application shielding protects a mobile app from the inside out. It allows the app to securely operate even in potentially hostile environments, such as jailbroken or rooted devices – blocking malware and helping to prevent intrusion, tampering, and reverse-engineering. 

Compliance

PSD2

FIDO meets the requirements outlined in the revised Payment Services Directive (PSD2) Regulatory Technical Specifications (RTS). FIDO supports strong customer authentication and multi factor authentication, as well as dynamic linking for online and mobile payments (to protect against Man-in-the-Middle attacks).

GDPR

FIDO meets GDPR compliance requirements by design. FIDO delivers authentication with no third party in the protocol, and no linkability or tracking between accounts and services. Server-side secrets are eliminated and local verification of data (e.g., PIN and biometrics) complies with the GDPR.

Ready for the benefits of FIDO-certified solutions?

OneSpan offers a comprehensive suite of FIDO U2F, UAF, and FIDO2 compliant solutions to secure your online and mobile applications.