Fido reveals Google, Samsung deployments
22 May 2015 14:32 GMT

Online authentication standards body the FIDO (Fast IDentity Online) Alliance has introduced a testing programme for certification and revealed the details of 31 firms which have already passed FIDO certification.

Last December, the alliance published a final draft of standards that it said will end the era of passwords. The specifications outlined a new standard for devices, servers and client software, including browsers, browser plugins, and native app subsystems.

Fido noted in a statement that testing is open to members and non-members and uses industry-standard best practices to objectively evaluate technical implementations of the FIDO 1.0 specifications, which are made up of the Universal Authentication Framework (UAF) and Universal 2nd Factor (U2F).

The first FIDO Certified testing sessions were conducted on 29-30 April at events in San Jose, and Mountain View, CA where dozens of companies participated and achieved FIDO Certified status.

"FIDO certification satisfies a need to ensure that implementations of the FIDO specification are uniform across products and that those products are interoperable," said Brett McDowell, executive director of the FIDO Alliance. "The FIDO Certified program offers the type of oversight that vertical industries need to hasten the adoption of strong authentication products that stretch across enterprise boundaries and the range of mobile and other devices key in today's computing environment."

The lists of Fido-certified firms includes Google, Samsung, Qualcomm and Infineon. For a full list, see here.

Meanwhile, 18 products have been certified including the Google Login Service, Samsung’s Secure Identification Framework (SIDF) v1.0 and egis’ Yukey UAF Client 1.0.

"Certification of serious security components and sub-systems is absolutely essential as we have come to realize how much is at stake when authentication systems don't perform as expected. With major data breaches escalating, so is demand for strong authentication," said Steve Wilson, Vice President and Principal Consultant at Constellation Research.

"Moreover, demand for certified authentication solutions is also rising. A standards based authentication solution is only as good as its conformance to those standards. The FIDO Alliance has worked hard on its conformance program from the very beginning. The new FIDO Certified program is well thought through, and isn't just another box ticking exercise. It complements and reinforces the Alliance's rigorous specifications development from incubation right through to standardisation."