The password paradigm is widely acknowledged to be obsolete, but ushering in something new requires an industry-wide effort. To help manage this issue, some of information technology’s biggest players formed the FIDO (Fast IDentity Online) Alliance, which is now revolutionizing online authentication with its standards-based open protocols aimed at reducing our reliance on vulnerable password-based security systems.
Entersekt joined FIDO early in 2013 and has been an active participant in formulating the specifications released to the public over the last year. Any institution, software developer, or online service provider can build support for FIDO into their existing products and services to make online authentication simpler and stronger for everyone.
There are two sets of FIDO specifications: Universal Authentication Factor (UAF) and Universal Second Factor (U2F). Both sets of specifications use standard public key cryptography to strengthen digital authentication and are resistant to phishing and other forms of online fraud. Where they differ is in the user experience – in the factors users must provide to authenticate themselves. The UAF protocol delivers a strong authentication experience without passwords, instead relying on biometrics such as fingerprints and iris scans to authenticate users. U2F, on the other hand, strengthens traditional password authentication by mandating the use of a physical token over and above the user’s password.
A FIDO Ready™ U2F token with a difference
Entersekt’s push-based authentication product, Transakt, was one of the first solutions to pass FIDO’s testing program as a FIDO Ready™ U2F token. It is the only such solution centered on the mobile phone or tablet – something people always carry with them.
Entersekt’s mobile-phone-based two-factor authentication solutions have been used by financial services companies for years. This banking-grade security is now available to secure access to any FIDO-enabled online service, allowing Transakt users to conveniently identify themselves through their mobile device without having to carry a hardware token or retype one-time passwords.
Available as a software development kit or mobile app, Transakt harnesses the power of public key infrastructure and seamlessly deploys it to the mobile phone. Industry-standard X.509 digital certificates simultaneously identify online service providers and their customers’ mobile devices, eliminating the need for proprietary hardware tokens or cumbersome one-time passwords. Through a simple, one-click process, Transakt allows users to verify their identities and digitally sign transactions. All communications between the device and service provider are encrypted end to end.
For more information on the FIDO Alliance, FIDO specifications, and Entersekt’s FIDO-ready solution, download our complimentary white paper, Get FIDO Ready.