The FIDO Alliance has announced a new version of its specifications.
Complementing the FIDO 1.0 specifications launched about two years ago, the FIDO 1.1 specifications add support for NFC, Bluetooth Low Energy, and smart cards. In a statement announcing the new specifications, the consortium also said they offer “an expanded authenticator metadata service to better serve the risk management requirements of online service providers.”
FIDO also pointed to progress on other fronts. Its effort to develop a standard for EMVCo uses cases now has a tentative name: The User Verification Caching specification. The consortium has also now sent to the W3C a draft of its Client-to-Authenticator Protocol (CTAP), which is meant to enable browsers and operating systems to communicate with USB, NFC, and Bluetooth-based authentication devices. FIDO is aiming to have that protocol ready next year.
Meanwhile, FIDO’s specification for Web Authentication “is moving along steadily,” with the W3C currently welcoming comment on the latest draft. With a range of supporters now offering FIDO authentication to over 1.5 billion end users, this all points the way to even better security for users in the months and years to come.
December 8, 2016 – by Alex Perala