FIDO Alliance öppnar upp medlemskap för myndigheter

First Identity Online, FIDO Alliance, ett konsortium som arbetar för att ersätta lösenord med standardiserade autentiseringslösningar, inför ny en ny typ av medlemskap för myndigheter runt om i världen. Först ut att gå med är en amerikansk och en brittisk myndighet, skriver FIDO i ett pressmeddelande.

Det rör sig om amerikanska NSTIC/NIST samt Office of the Cabinet i Storbritannien som nu blir medlemmar i FIDO.

- Detta gör det möjligt för myndigheter runt om i världen att bidra med sina unika behov och perspektiv till nästa utveckling av FIDO-standarder, kommenterar Dustin Ingalls, ordförande i FIDO Alliance.

Amerikanska NIST står för National Institute of Standards and Technology och publicerar bland annat standarder och riktlinjer inom IT.

- Jag kan se en dag inom en snar framtid där vissa konsumenter kommer att börja insistera på att kunna utnyttja en FIDO-baserad autentisering för att få tillgång till offentliga tjänster via Connect.Gov, säger Paul Grassi, ansvarig för NSTIC-standarder.

FIDO Alliance består av över 150 medlemsföretag där jättar som Microsoft, Google, Samsung, Intel, Visa, MasterCard och Alibaba ingår. Organisationen har tagit fram en standard för autentisering med hjälp av olika tekniker, bland annat olika typer av biometrilösningar.

https://fidoalliance.org/fido-alliance-announces-government-membership/

Stefan Linnér
stefan.linner@finwire.se, 0701-15 39 64
Nyhetsbyrån Finwire

Microsoft Announces FIDO Authentication Support Planned for Windows 10.

Mountain View, Calif. – Feb. 13, 2015 – The FIDO (Fast IDentity Online) Alliance (https://www.fidoalliance.org/), an industry consortium launched in 2013 to revolutionize online authentication with open standards for simpler, stronger methods, today announced that Microsoft will ship a password replacement solution in Windows 10, and plans to support FIDO authentication. FIDO Alliance board member Microsoft revealed their intentions today, and discussed their plans at the White House Cybersecurity and Consumer Protection summit at Stanford University, where Microsoft and other FIDO Alliance members emphasized the importance of a ubiquitous ecosystem with industry standards. The summit addressed strong authentication among the five featured topics, and FIDO Alliance members presented the ways in which FIDO solutions enable the world to move beyond passwords.

"Moving the world away from passwords is an enormous task, and FIDO will succeed where others have failed," said Dustin Ingalls, Group Program Manager, Microsoft. "The need and appetite for change has never been greater, and we're thrilled to be part of this great working group whose members are actively transitioning FIDO solutions from the drawing board to implementations capable of large scale deployment."

Microsoft has said they are enabling a number of enterprise scenarios to showcase integration of FIDO authentication with Windows 10 sign-in, Azure Active Directory, and major SaaS services. Future plans will showcase FIDO authentication in Windows 10 Active Directory integration for on-premise scenarios and Microsoft Account integration for Microsoft consumer services, such as Outlook.com and OneDrive.

About The FIDO Alliance
The FIDO (Fast IDentity Online) Alliance, www.fidoalliance.org, was formed in July 2012 to address the lack of interoperability among strong authenticationtechnologies, and remedy the problems users face with creating and remembering multiple usernames and passwords. The FIDO Alliance is changing the nature of authentication with standards for simpler, stronger authentication that define an open, scalable, interoperable set of mechanisms that reduce reliance on passwords. FIDO authentication is stronger, private, and easier to use when authenticating to online services.

FIDO Alliance Announces New Leadership Team for 2015.

MOUNTAIN VIEW, CA, Jan 28, 2015 (Marketwired via COMTEX) -- The FIDO (Fast IDentity Online) Alliance (https://www.fidoalliance.org/), an industry consortium launched in 2013 to revolutionise online authentication with open standards for simpler, stronger authentication, today announced the result of their annual officer election, including new president Dustin Ingalls of Microsoft, and the appointment of the organization's first executive director, Brett McDowell.

In addition to appointing first-time officer Ingalls of Microsoft as their new President, Bill Smith of PayPal, Joe Pennisi of Lenovo, and Sampath Srinivas of Google were all re-elected to their 2014 positions of Secretary, Treasurer and Vice President, respectively; and the board appointed additional Vice Presidents Ramesh Kesanupalli, Nok Nok Labs and FIDO Alliance visionary, and Sami Nassar, NXP, expanding the leadership team to address the growing opportunities for FIDO standards adoption in 2015. The Board recognized outgoing President and former PayPal CISO Michael Barrett as Chairman Emeritus.

The year 2014 was an ambitious and successful one for the FIDO Alliance. Membership grew by more than a third, highlighted with additions to a board that now comprises global leaders in consumer devices and platforms, enterprise security, and authenticating high-value consumer transactions online. Met with widespread acclaim, the FIDO Alliance published final 1.0 specifications, the world's first standards for interoperable strong authentication. Thirty-three FIDO Ready(TM) implementations have passed interoperability testing, which offer many easy, secure ways to login and transact with sites, services, or cloud applications using FIDO authentication. Options range from biometrics to hardware tokens, embedded chips, and microSD adaptations, and FIDO U2F products from Google, Yubico, Plug-up, EyeLock and other FIDO Alliance members. Google Chrome, the world's most popular web browser, now provides native support for FIDO authentication. Hundreds of millions of Samsung device users are prepared to use FIDO authentication in mass-scale payments applications that are deployed globally, including on China's largest payments platform, Alipay.

"The crescendo of activity in 2014 around credential theft & payment fraud has resulted in an ecosystem that is clamoring for a stronger solution that's easy to use," said FIDO Alliance President Dustin Ingalls. "The diversity and broad representation present in the FIDO Alliance today make it the frontrunner to deliver a broad industry solution to these issues."

"I see 2015 as the year when FIDO Alliance transitions from simply developing specifications and advocating awareness to an organization that is taking a proactive role in helping to shepherd the inevitable shift in the industry from single-factor password security to simpler, stronger authentication," according to Brett McDowell, Executive Director of the FIDO Alliance. "All the signs point to a dramatic increase in the adoption of biometrics and other innovations that will be enabled for secure, privacy-respecting interoperation through compliance to FIDO standards."

In 2015, the FIDO Alliance will continue to expand the FIDO standards for strong authentication with new versions that will enhance FIDO U2F with additional mobile and wireless capabilities, including extensions for BLE (Bluetooth Low Energy) and NFC (Near Field Communications).

The FIDO Alliance participates in events worldwide to inform global audiences that better authentication -- more secure, private and easier-to-use than passwords -- has arrived and is ready to use now.

About The FIDO Alliance The FIDO (Fast IDentity Online) Alliance,www.fidoalliance.org, was formed in July 2012 to address the lack of interoperability among strong authentication technologies, and remedy the problems users face with creating and remembering multiple usernames and passwords. The FIDO Alliance is changing the nature of authentication by developing standards-based specifications for simpler, stronger authentication that define an open, scalable, interoperable set of mechanisms that reduce reliance on passwords. FIDO authentication is stronger, private, and easier to use when authenticating to online services.

The FIDO Alliance Board of Directors includes leading global organizations: Alibaba Holdings BABA, -4.36% ; ARM Holdings plc (ARM) ARMH, +0.25% ; Bank of America Corporation BAC, -2.75% ; CrucialTec (krx:114120); Discover Financial Services DFS, -1.26% ; Google; IdentityX; Lenovo; MasterCard MA, -1.26% ; Microsoft MSFT, -3.45% ; Nok Nok Labs, Inc.; NXP Semiconductors N.V. NXPI, +1.41% ; Oberthur Technologies OT; PayPal EBAY, -1.55% ; Qualcomm, Inc. QCOM, -1.09% ; RSA(R); Samsung Electronics, Ltd (koscom:SECL); Synaptics SYNA, +0.92% ; Visa Inc. V, -1.84% ; Yubico.

Strong Authentication in 2015.

Mountain View, CA – December 9, 2014 ­ The FIDO (Fast IDentity Online) Alliance (https://www.fidoalliance.org/), an open industry consortium delivering standards for simpler, stronger authentication, today published final 1.0 drafts of its two specifications – Universal Authentication Framework (UAF) and Universal 2nd Factor (U2F). Members of the FIDO Alliance comprise device manufacturers, online service providers and enterprises, who can now implement and broadly commercialize FIDO 1.0 specifications to make authentication simpler and stronger for all.

“Today, we celebrate an achievement that will define the point at which the old world order of passwords and PINs started to wither and die,” said Michael Barrett, president of the FIDO Alliance. “FIDO Alliance pioneers can forever lay claim to ushering in the ‘post password’ era, which is already revealing new dimensions in Internet services and digital commerce.”

According to Verizon’s Data Breach Investigations Report, weak or stolen login credentials were a factor in more than 76 percent of the breaches analyzed. Along with Verizon, Ponemon Research and PwC report that the volume and severity of data breaches is continuing to rise, with centralized datasets of personal and sensitive information being the most targeted and the most vulnerable to scaled attacks. Responding to the risk and loss perpetuated by prevailing password systems, FIDO specifications define an open, scalable, interoperable set of strong authentication mechanisms that reduce the reliance on single­factor username and password login.

The specifications outline a new standard for devices, servers and client software, including browsers, browser plugins, and native app subsystems. Any website or cloud application can interface with a broad variety of existing and future FIDO­enabled authenticators, ranging from biometrics to hardware tokens, to be used by consumers, enterprises, service providers, governments and organizations of all types.

Keeping with the FIDO Alliance mission, both specifications are unencumbered by FIDO member patents. Members are free to implement and market solutions around FIDO­enabled strong authentication, and non­members are free to deploy those solutions. As previously announced, current implementations available in the market include those from Nok Nok Labs, Synaptics, Alibaba, PayPal, Samsung, Google, Yubico and Plug­Up.

While the core 1.0 specifications are final, the FIDO Alliance is nearing completion of extensions that will incorporate Near Field Communications (NFC) and Bluetooth into the range of FIDO capabilities. Continuing evolution of the specifications based on new requirements and/or deployment experience will help ensure ongoing alignment of FIDO standards with demands in the consumer devices, online services and enterprise markets.

“The fact that the FIDO Alliance was able to develop complete specifications so quickly and with such broad support is evidence that they are tackling a pervasive industry pain point,” said Steve Wilson, Vice President and Principal Consultant at Constellation Research. “No consortium in the identity management (IdM) industry has every grown so fast, with such strong representation from the technology buy side. What’s most impressive is the FIDO Alliance’s focus on the authentication plumbing. The protocols enable trusted client devices to trade just the right data about their users. FIDO specifications aren’t tangled up in messy identity policy decisions. It’s an elegant breakthrough, and, going forward, it should drive a lot of the classic complexity out of the IdM space.”

“Our members’ determination, cooperation and tireless perseverance have delivered this landmark accomplishment in less than two years from announcing the FIDO Alliance and its goal to develop industry open standards for interoperable, privacy­respecting strong authentication,” said Brett McDowell, executive director of the FIDO Alliance. “I applaud and congratulate the members of the FIDO Alliance on these accomplishments, and look forward to our continued collective effort to bring FIDO­enabled experiences to the global marketplace in 2015 and beyond.”

About The FIDO Alliance.

The FIDO (Fast IDentity Online) Alliance, www.fidoalliance.org, was formed in July 2012 to address the lack of interoperability among strong authenticationtechnologies, and remedy the problems users face with creating and remembering multiple usernames and passwords. The Alliance plans to change the nature of authentication by developing standards­based specifications for simpler, stronger authentication that define an open, scalable, interoperable set of mechanisms that reduce reliance on passwords. FIDO authentication is stronger, private, and easier to use when authenticating to online services.

The FIDO Alliance Board of Directors includes leading global organizations: Alibaba Holdings (NYSE: BABA); ARM Holdings plc (LSE: ARM and NASDAQ: ARMH); Bank of America Corporation (NYSE:BAC); BlackBerry®; CrucialTec (KRX: 114120); Discover Financial Services (NYSE: DFS); Google; IdentityX; Lenovo; MasterCard (NYSE: MA); Microsoft (Nasdaq "MSFT"); Nok Nok Labs, Inc.; NXP Semiconductors N.V.(NASDAQ:NXPI); Oberthur Technologies OT; PayPal (NASDAQ:EBAY); Qualcomm, Inc. (Nasdaq: QCOM); RSA®; Samsung Electronics, Ltd (KOSCOM: SECL); Synaptics(NASDAQ: SYNA); Visa Inc. (NYSE: V); Yubico.

Fido Alliance om framtiden.

FIDO Alliance har idag publicerat sitt slutgiltiga utkast till nya
säkerhetsstandarder för hur vi identifierar oss på Internet. FIDO grundades
2012 av bland annat PayPal och Lenovo och har sedan dess växt till över 150
medlemsföretag med jättar som Microsoft, Google, Samsung, Visa, MasterCard
och Alibaba.

-Idag firar vi en prestation som kommer att definiera den punkt när den
gamla världsordningen med lösenord och PIN-koder började vissna och dö,
kommenterar Michael Barrett, ordförande i FIDO Alliance.

FIDO:s specifikationer syftar till att erbjuda säkra inloggningsalternativ
och därmed ersätta vanliga lösenord. Bland annat kan protokollen använda
sig av olika typer av biometrilösningar och USB-nycklar för autentisering
av användaren. Tekniken har i dagsläget implementerats av bland annat Nok
Nok Labs, Synaptics, Alibaba, PayPal, Samsung, Google och Yubico.

Inom biometribranschen är flera av de nordiska bolagen medlemmar i FIDO,
bland annat Fingerprint Cards & Precise Biometrics.

Fido

https://fidoalliance.org

About The FIDO Alliance

The Mission of the FIDO Alliance is to change the nature of online authentication by:

• Developing technical specifications that define an open, scalable, interoperable set of mechanisms that reduce the reliance on passwords to authenticate users.
• Operating industry programs to help ensure successful worldwide adoption of the Specifications.
• Submitting mature technical Specification(s) to recognized standards development organization(s) for formal standardization.

You may want to start with the specifications overview:

The FIDO (Fast IDentity Online) Alliance is a 501(c)6 non-profit organization nominally formed in July 2012 to address the lack of interoperability among strong authentication devices as well as the problems users face with creating and remembering multiple usernames and passwords. The FIDO Alliance plans to change the nature of authentication by developing specifications that define an open, scalable, interoperable set of mechanisms that supplant reliance on passwords to securely authenticate users of online services. This new standard for security devices and browser plugins will allow any website or cloud application to interface with a broad variety of existing and future FIDO-enabled devices that the user has for online security.

Fido har valt Fingerprint Cards.

https://www.bullstreet.se/2013/12/fido-alliansen-har-valt-fingerprint-cards/

Appel: Fingeravtryck nyckeln till framtidens e-handel.

Artikel från Bullstreet.

https://www.bullstreet.se/2014/06/apple-fingeravtryck-nyckeln-till-framtidens-e-handel/

Gemensam plattform för e-handel.

Artikel från Bullstreet.

https://www.bullstreet.se/2014/01/varldens-giganter-lanserar-en-gemensam-plattform-e-handel-borjan-av-2014/