W3C Announces Web Authentication Standards Project

W3C Launches Web Authentication Project Based on FIDO StandardsThe World Wide Web Consortium (W3C) has announced it is embarking on a project to establish Web Authentication standards based on FIDO Alliance specifications.

In a statement announcing the effort, W3C Director Sir Tim Berners-Lee framed it as a response to the advancing security risks on the Internet, noting that “[w]ith the scope and frequency of attacks increasing, it is imperative for W3C to develop new standards and best practices for increased security on the Web.” The Web Authentication project will complement W3C’s WebCrypto API effort, which is intended to establish a Javascript API of cryptographic standards applicable to all browsers, and its Web Application Security project; and all of this is in service of the larger goal of developing an Open Web Platform with standardized security.

W3C says its Web Authentication project is being accelerated by a W3C member submission of FIDO 2.0 Web APIs. As the major cross-industry consortium working on digital authentication standards more broadly, the FIDO Alliance is understandably seen as a reliable leader in these efforts, and indeed W3C recently offered its support to FIDO as the latter submitted recommendations to EU regulatory authorities regarding digital payments standards.