Multifactor authentication from FIDO


Yubico U2F Yubikey NEO

Yubico provides strong hardware-based multifactor authentication that is easy, affordable, and FIDO compliant. Driverless multiplatform USB and NFC devices give it a wide multiplatform and capable reach. Yubico makes a commitment to open source/open standards, which is helping spur the extension of their technology beyond the already long list of supported vendors and partners.

As of today, the Yubico U2F Yubikey NEO [8] is the main FIDO Ready product. It is not in public deployment but is scheduled to be released to the general public in late 2014. The CEO and Founder of Yubico, Stina Ehrensvard, agreed to answer some of my questions regarding Yubico's U2F-focused products. In describing the Yubico Yubikey NEO, she stated: "FIDO U2F is different: It is easy to use. Just a simple PIN and touch. Or for users who prefer biometrics instead of entering a PIN/password, they can swipe their finger on their device."

Furthermore, the Yubikey has attracted some interest from large players such as Google and others. Ehrensvard stated: "As of today Google has implemented YubiKey NEO with FIDO U2F across their enterprise. Several enterprises and online services are in the same process, but these are not yet official." Yubico expects more than 200,000 YubiKey NEOs will be deployed within Google and elsewhere for U2F authentication. This is quite promising for an evolving standard.

When I asked Ehrensvard why she thinks FIDO U2F will succeed where other standards and technologies have not, she said: "It is designed to be truly open and encourage innovation. Google and Yubico has already published U2F open source reference code, initially available for all FIDO members, and by end of the year it will be available for any organization who wants to build their own server back end and develop their own FIDO devices. FIDO U2F is designed to be a truly open standard, encouraging multiple authentication methods and chip/device/token/software vendors to innovate and compete."

With the massive backing of many very large providers and partners, you can rest assured that Yubico's FIDO Ready solutions will be a leader in multifactor solutions of the future.

Nok Nok Labs

Nok Nok Labs offers another stellar solution from one of the founding members of the FIDO alliance and inventor of the FIDO UAF protocol. Instead of authentication silos, Nok Nok developers envision a world embracing myriad technologies and the FIDO protocol for simple, secure, ubiquitous authentication. This includes biometric, non-biometric, hard token, and software – all providing easy secure authentication.

In an interview with Brendon Wilson, Director of Product Management at Nok Nok, he describes their efforts as not just another authentication vendor offering a point solution. Instead, the company aims to change the underlying framework on which current authentication solutions depend. The Unified Authentication Infrastructure leverages the Universal Authentication Protocol to provide a scalable, strong authentication protocol designed for modern computing requirements and the "Internet of Things."

Today, Nok Nok Labs' S3 Authentication Suite [9] powers fingerprint authentication for PayPal on several Samsung devices. Nok Nok also enables FIDO Ready authentication on many Lenovo laptops. In an email interview, McDowell of FIDO Alliance detailed this promising deployment: "The first deployment of FIDO Ready authentication was announced by Samsung and PayPal, utilizing implementations of FIDO specifications by Nok Nok Labs and the Synaptics fingerprint sensors embedded in the Samsung Galaxy S5. The same FIDO Ready payments technology is now shipping in the newer Samsung Galaxy S5 mini and the Samsung Galaxy Tab S devices."

With backing from these major players, the solutions from Nok Nok based upon FIDO standards look to be a major part of the future replacement of the hackneyed old password.

FIDO and the Future

McDowell put it best when he said of the future of the alliance: "As the famous adage goes, 'prediction is hard, especially when it is about the future.' But I'm a firm believer that FIDO protocols are in an almost unique position in the history of Internet technology with a solution that has been well vetted and prepared to meet the opportunity to serve this unprecedented pent-up demand for an open standard approach to addressing the password-centric vulnerabilities plaguing our ecosystem at an increasingly alarming rate." I hope he's right; the tired single-factor password needs to retire as soon as possible.

The momentum behind FIDO is strong. Its many players are trying to solve the age-old woes of single-factor authentication. Keep watching as this standards body continues to develop and refine its specification to be the unifying force in authentication. An extensive range of authentication technologies are all embracing this new promising opportunity. Device-independent, simple, and secure authentication is definitely something to look forward to.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy ADMIN Magazine

Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

comments powered by Disqus
Subscribe to our ADMIN Newsletters
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs

Support Our Work

ADMIN content is made possible with support from readers like you. Please consider contributing when you've found an article to be beneficial.

Learn More”>


		<div class=