What is FIDO?
The FIDO Alliance (Fast IDentity Online) is an open industry association, of which Beyond Identity has been a member of since 2020, that oversees the development and publication of strong passwordless authentication standards using public-private key cryptography. Additionally, the alliance operates certification programs to ensure the security and interoperability of solutions delivering FIDO capabilities.
The organization’s most recent publication is the FIDO2 specifications which encompasses W3C’s Web Authentication (WebAuthn) and FIDO Alliance’s Client to Authenticator Protocol (CTAP). Taken together, FIDO2 enables users to leverage devices they already have to authenticate to online services without the friction of passwords and with much higher security than passwords and SMS OTPs (one-time passcodes).
Encouragingly, three major technology leaders, Apple, Google, and Microsoft, announced plans in June 2022 to support FIDO authentication on their platforms ushering in higher awareness of strong passwordless authentication and increasing adoption momentum.
Beyond Identity and FIDO
As a FIDO Alliance member since 2020, Beyond Identity has been committed to and involved in the work of the Alliance to drive the adoption of strong authentication. In 2023, Beyond Identity achieved FIDO2 certification.
The certification program enforces rigorous testing to ensure strict conformance to security and interoperability across the ecosystem of products and services deploying FIDO2 authentication as well as functional compatibility across endpoint devices.
Beyond Identity extends FIDO’s baseline security and interoperability standards cloud-native platform that equips organizations with enterprise-ready capabilities to easily, securely, and universally deploy phishing-resistant passwordless MFA that is in alignment with a zero trust security approach.
By augmenting FIDO specifications with an enterprise-ready authentication solution, Beyond Identity enables organizations to:
- Accelerate onboarding, productivity, and ubiquitous MFA adoption with single-device passwordless authentication with no OTPs, push notifications, or magic links
- Simplify implementation with Universal Passkey Architecture that offers support across any browser, device, application type, and protocols
- Eliminate all phishable factors including passwords, one-time codes, and push notifications with phishing-resistant MFA using public-private key pairs where the private key is created, stored, and never leaves a user’s known device
- Ensure that only authorized users using secure devices can gain access with cryptographic assurance of user identity and fine-grained device security posture checks for all endpoints in fleet including BYOD and unmanaged devices
- Enforce continuous risk-based access policies to prevent insecure devices from accessing corporate resources even during authenticated sessions
- Lay the foundation for zero trust architecture with an authentication platform that supports zero trust ecosystem integrations out-of-box including SIEMs, MDMs, EDRs, XDRs, and ZTNA tools.