FIDO Standard FIDO Standard

FIDO Authentication

Solutions based on the FIDO standard for simpler, stronger authentication using an open, scalable, and interoperable approach

Strong Security Using Industry Standard Interoperability

Eliminate passwords with the world’s largest ecosystem for standards-based, interoperable authentication
  • Check-mark

    Ease of use

    Remove friction and offer your users the flexibility to use any FIDO-compatible authenticator or device

  • Check-mark

    Privacy & Security

    Provide stronger authentication with FIDO public key cryptography. Protect your apps against phishing, MITM and replay attacks

  • Check-mark

    Cost reduction

    Use FIDO-certified solutions and reduce operational and development costs while ensuring a faster time to market

  • Check-mark

    Go passwordless

    Implement FIDO public key cryptography and lessen dependency on traditional, complex passwords

  • Check-mark

    Compliance

    Alleviate compliance concerns and rely on standardized authentication to help you meet regulatory requirements

  • Check-mark

    Standardization

    Take advantage of the FIDO ecosystem that ensures inoperability of hardware, software, and biometric authentication

A Better User Experience

Create an unrivaled customer experience for your mobile and online services

Provide your users with a passwordless experience by using the native security capabilities present on the end user’s device. 81% of data breaches in 2016* involved weak, default or stolen passwords. Use FIDO’s public key cryptography for authentication to eliminate the weakest link posed by traditional passwords. Implement FIDO authentication in your organization and enable easy access to your web and mobile applications.

* 2017 Data Breach Investigation Report by Verizon

Reduce friction for users via advanced authentication options to increase customer satisfaction and loyalty. OneSpan’s FIDO-certified solutions support different authentication options, including second factors, PIN, and push notification

Secure all your web and mobile applications with a single FIDO infrastructure. Enable FIDO authentication within your organization and enjoy the flexibility of different authentication methods. Ensure a high user adoption rate by leveraging well-known devices people use every day.

Strong Security with User Privacy in Mind

Overlay user privacy
  • Public key cryptography – The different FIDO protocols use assymetric standard public key cryptography designed for client authentication.
  • No third-party involvement – The private keys never leave the device. As such, there are no server-side secrets to steal.
  • No linkability – There is no linkability between different services, which means that no information is provided that would allow user tracking across different services.
  • Biometrics never leave the device – Biometric information is captured, verified, and stored on the device and never sent to a server.
  • All communication is encrypted

Cost Reduction

Cost Savings
  • Lower development and maintenance costs – No proprietary or in-house solutions need to be developed. OneSpan’s FIDO authentication can be easily integrated alongside your existing mobile and web applications.
  • Faster time to market – No extra development is required.
  • Little or no provisioning costs – Use a cost-efficient, second factor authenticator or leverage the end user’s mobile device.
  • Mitigate fraud – Reduce fraud and the cost associated with potential damages.
  • Reduce password reset costs – Eliminate traditional complex passwords.
  • Future-proof solution – OneSpan’s FIDO Authentication SDK is a standards-based solution that allows you to deploy FIDO authentication to your customer base on multiple devices.

How it Works

FIDO-certified solutions are based on public key cryptography. Before first use, the user must complete a registration process.

  1. Request your user to choose an available FIDO authenticator in line with your acceptance policy.
  2. Your user unlocks the mobile FIDO authenticator with a fingerprint reader or PIN; or with a button in case of a hardware second-factor device.
  3. The user’s device creates a unique private and public key pair for the local device, the user’s account and your online service.
  4. The public key associated with the user’s account is sent to the server. The private key is stored on the local device in a cryptographic keystore.
  1. Your online service challenges the user to log in with a previously registered device.
  2. Your user unlocks their FIDO authenticator in the same manner as they did for registration (e.g. fingerprint, PIN, second factor)
  3. A random challenge is created by the FIDO server. To sign that challenge, the device uses an account identifier to select the correct key.
  4. The signed challenge is sent back to the server where it’s matched against the stored public key and the user is authorized to log in.

FIDO Authentication

Easily implement FIDO enabled authentication while ensuring a superb user convenience

 

Support for mobile and/or hardware deployments

Provide your end users with a second factor (hardware) or passwordless experience (mobile) by using the native security features of an end user’s device. OneSpan’s solutions easily allow you to mix and match software and hardware to fit your authentication needs. 

Benefit from the advanced security options within OneSpan Mobile Security Suite for your mobile deployments

Besides FIDO authentication, you can benefit from all features that OneSpan Mobile Security Suite offers, and flexible deploy the security features your offering requires (i.e. geolocation, jailbreaking, device binding, secure storage and application shielding with RASP). 

Future proof

FIDO’s open standards based platform ensures you that you invest in a future proof solution. With OneSpan FIDO Authentication, you have the guarantee that new authenticators will be supported out-of-the-box as they enter into the market.

Centrally manage all authentication channels 

You can support all your authentication needs from a single, unified system. All your users are centrally provisioned and managed, and you can provide support for all application, devices and use cases from one system.

Ready to reap the benefits from FIDO certified solutions?

OneSpan offers a comprehensive suite of FIDO enabled solutions to secure your online and mobile applications.