Is FIDO authentication the future of online authentication products?

1/12

Password problems plaguing you? FIDO Alliance hopes to have the answers

Source:  Thinkstock

Face it, usernames and passwords are pain points for employees and enterprises alike. Not only are they difficult to remember -- and oftentimes annoying to create -- but they're also fraught with risk, vulnerability and fraud.

Wouldn't it be great to find a better set of standards and products for authenticating users who need to log in to their devices, access the corporate network or utilize business-critical applications?

The time for new technology is now. Gone are the days when passwords and PINs could provide the security an enterprise needs. Today, biometric verification -- a fingerprint, a retina scan or even the sound of a voice -- or security tokens -- an SD card or a key -- can easily confirm that users are who they claim to be and provide access into the many layers of devices, applications and systems that employees must leverage on a daily basis.

At the 2014 International Consumer Electronic Show, the Fast IDentity Online (FIDO) Alliance -- a nonprofit organization that formed in 2012 to address the lack of interoperability among strong authentication devices, as well as the password problems users face with creating and remembering multiple passwords -- showcased a number of innovative authentication products that met the requirements of the strict FIDO Ready Certification program.

Click through the slides that follow to learn more about each featured FIDO Ready product and the technology it uses to authenticate users, and about how the organization aims to help create a more secure enterprise environment than passwords or PINs ever could.

View All Photo Stories

Join the conversation

5 comments

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

Has your organization replaced the password with a biometric product? If so, which one?
Cancel
No until they come up with a solution to the following issue.

Biometrics can theoretically be operated together with passwords in two ways, (1) by AND/conjunction or (2) by OR/disjunction. I would appreciate to hear if someone knows of a biometric product operated by (1). The users of such products must have been notified that, when falsely rejected by the biometric sensor with the devices finally locked, they would have to see the device reset.  It is the same with the biometrics operated without passwords altogether.

Biometric products like Apple's Touch ID are generally operated by (2) so that users can unlock the devices by passwords when falsely rejected by the biometric sensors. This means that the overall vulnerability of the product is the sum of the vulnerability of biometrics (x) and that of a password (y). The sum (x + y - xy) is necessarily larger than the vulnerability of a password (y), say, the devices with Touch ID and other biometric sensors are less secure than the devices protected only by a password.

It is very worrying to see so many ICT people being indifferent to the difference between AND/conjunction and OR/disjunction when talking about “using two factors together”.
Cancel
I don't see us using a biometric layer of security. Mainly due to the cost of setting one up for the volume of users we have all across the country. It's not been proven to be a "end all" to a security issue. It's still hackable. 
Cancel
Not hardly. We've seen some biometric solutions and they're not where movies might have you believe yet without getting into big money. For now, keeping good provisioning for systems and solid passwords has to be enough.
Cancel
Biometrics can theoretically be operated together with passwords in two ways, (1) by AND/conjunction or (2) by OR/disjunction. I would appreciate to hear if someone knows of a biometric product operated by (1). The users of such products must have been notified that, when falsely rejected by the biometric sensor with the devices finally locked, they would have to see the device reset.  It is the same with the biometrics operated without passwords altogether.

Biometric products like Apple's Touch ID are generally operated by (2) so that users can unlock the devices by passwords when falsely rejected by the biometric sensors. This means that the overall vulnerability of the product is the sum of the vulnerability of biometrics (x) and that of a password (y). The sum (x + y - xy) is necessarily larger than the vulnerability of a password (y), say, the devices with Touch ID and other biometric sensors are less secure than the devices protected only by a password.
It is very worrying to see so many ICT people being indifferent to the difference between AND/conjunction and OR/disjunction when talking about “using two factors together”.
Cancel

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close