FIDO FAQ

This FAQ is intended to answer general questions about FIDO and the FIDO authenticators that will be offered by HID Global.

What is FIDO®?

FIDO (Fast IDentity Online) is an open and scalable industry standard that enables simpler and more secure user authentication experiences across many websites and mobile services. Members of the FIDO Alliance include Google, Microsoft, Amazon, Mastercard, American Express, Visa and PayPal.

How does FIDO improve security?

FIDO defined a set of standards that can be used to improve authentication and eliminate passwords and weaker forms of two-factor authentication.

Is FIDO widespread?

Yes! Part of FIDO is standardized by W3C (the body that standardizes HTML) and all major browser vendors have committed to implement it. Similarly, there are FIDO authenticators available in the market from many vendors.

Is FIDO more for consumers?

No. While FIDO was initially focused on consumer use cases, it can be used in an employee setting; notably Microsoft announced support for FIDO.

What did Microsoft® announce?

Microsoft announced Security Key for Windows Hello, which is to say that Active Directory users will be able to use FIDO 2 authenticators to login to Windows 10. See: https://www.microsoft.com/en-us/microsoft-365/blog/2018/04/17/windows-hello-fido2-security-keys/

On the consumer side, Microsoft also is currently adding in the latest Windows Insider versions of Windows 10 support for FIDO to the Microsoft account.

When can I use a FIDO authenticator to login to Windows 10?

Security Key for Windows Hello is currently in a limited preview. The public preview is expected during 2019.

Will FIDO be appropriate for the healthcare market?

FIDO is particularly well suited to healthcare applications thanks to its focus on security and privacy as well as the ability to cater to clinicians, doctors and others who may be sharing a kiosk or a computer.

For patients using home healthcare services, the fact that FIDO will be adopted broadly by web browsers means that over time patients will have the ability to securely and privately communicate with their remote healthcare providers.

Will FIDO be appropriate for the retail and manufacturing market?

For environments where several employees access the same kiosk throughout the day, FIDO can significantly improve security by moving away from shared accounts to a per-user account with strong authentication.

FIDO can also provide roaming from one kiosk to another without requiring the need to register each user or FIDO authenticator to each kiosk.

Will FIDO be appropriate for government organizations?

FIDO can be leveraged by government organizations to protect both its employees and contractors accessing IT services as well as its constituents accessing online government services.

The speed of and ease of FIDO authentication makes it appropriate for first responders and law enforcement organizations.

What is HID® doing regarding FIDO?

HID has long invested into FIDO support into several of its offerings. This includes the ActivID® BlueTrustTM Token, a device the size of a keychain that uses Bluetooth LE to provide FIDO 1.0 support to applications on PC and mobile devices, as well as support FIDO authenticators with DigitalPersona®1.

For the last year and a half, HID has also worked with Microsoft so the upcoming new generation of HID authenticators will support FIDO2 and work with Security Key for Windows Hello. The new generation of HID authenticators will come in several form factors including smart card and USB dongle and will support existing authentication protocols such as PIV/PKI and one-time passwords while adding support for FIDO2.

Will I be able to have one device to open my office door and access my work computer?

Yes. HID's new generation of authenticators will include a new version of the Crescendo® card that will combine physical access and FIDO2 support, alongside other capabilities like PKI/PIV and OATH one-time password.

When will the new generation of authenticators be available from HID?

The new generation of authenticators is targeted to be available in H1 2019.

Where can I find more information on FIDO?

A free webinar is available at: https://register.gotowebinar.com/register/7887794555902854658

hidglobal.com

© 2019 HID Global. All rights reserved. HID, the HID logo, Genuine HID, ActivID, BlueTrust, and Crescendo are trademarks or registered trademarks of HID Global in the U.S. and/or other countries. All other trademarks, service marks, and product or service names are trademarks or registered trademarks of their respective owners.

2019-02-15-iams-fido-faq-en PLT-04253

¹ DigitalPersona transforms the way IT executives protect the integrity of the digital organization. Utilizing a composite authentication approach, the solution goes beyond two-factor (2FA) and multifactor (MFA) to secure every user, application and endpoint. Learn more at: https://www.crossmatch.com/digitalpersona/