Encyclopedia

FIDO authentication

Entersekt | Encyclopedia | FIDO authentication
What is FIDO authentication?

Fast IDentity Online or FIDO, is a technical specification for digital identity authentication developed by the FIDO Alliance. FIDO implements cryptographic credentials as multi-factor measures to improve the security of banking transactions. FIDO simplifies verification while improving security.

This is why many major device manufacturers (including Apple, Huawei, and Windows) have integrated FIDO technology, like passkeys, in their platforms.

FIDO2 is the newer version of the standard. This iteration aims to eliminate password use entirely over the internet, allowing users to use common devices to authenticate to online services on mobile or desktop.

What does FIDO passwordless authentication mean?

The FIDO specifications are a form of passwordless authentication because they don’t rely on passwords, or the knowledge factor, to verify a customer’s identification. Instead, FIDO uses cryptographic keys to secure user logins which are more secure and specifically resistant to phishing attacks.

Passwordless authentication, like passkeys, is growing in popularity among consumers as it not only improves digital banking security but also provides a smoother user experience with less friction.

How does FIDO authentication work?

In banking, logins that require users and software to remember a password or correctly enter a code result in an exchange of sensitive information. With FIDO technology, however, biometric readers and cryptographic hardware tools are embedded in the customer's device like their mobile phone, or tablet. This includes touch, voice, or face authentication.

FIDO2 authentication reduces the attack surface for cybercriminals, and in doing so, also eliminates the possibility of phishing schemes and password theft. This process renders one-time passwords (OTPs) or pin codes obsolete. As a result, attackers cannot persuade victims to share this type of sensitive information.

How is FIDO authentication used in banking

FIDO provides a more modern and secure alternative to username and password logins. In digital banking, this is essential to protect banks and their customers from evolving online banking fraud. In addition to better security, FIDO also improves the user experience in digital banking and aligns with regulatory standards like the Revised Payment Services Directive (PSD2).

Additional resources:


Keywords:

FIDO authentication | Passwordless authentication | PSD2
F