![]() Additionally, enterprises can set minimum PIN lengths. The CTAP v2.1 additions include better biometric enrollment and management features, so that users can register multiple fingerprints and other bio-markers. It also helps in situations when users are connecting via bandwidth-limited circumstances (such as via Bluetooth or poor Wifi signals) to keep the authentication workflow moving without a lot of back-and-forth network traffic and latency delays.įIDO Alliance has been pleased to have Apple as a contributing member for the past 18 months. This feature adds support for Apple’s method of doing attestation on their devices using the WebAuthn protocols. The new standards make a very safe, secure and encrypted way to accomplish these transactions, without revealing data pulled from multiple domains such as the originating vendor, the user’s bank account, a credit card issuer, and so forth. This feature allows web-based ecommerce transactions to be completed within pop-up windows on a browser, something that was forbidden in earlier FIDO versions as a way to protect potential man-in-the-middle and man-in-the-browser attack scenarios. Instead, authenticators must be pre-programmed (before credential registration) with these enterprise attestations by the enterprises themselves. Because these features can reveal some private user information – information that they would have divulged anyway to their employer – this feature is not available directly to consumers’ authenticators. The CTAP and WebAuthn protocols have added features that make it easier for enterprises to add specific user identity data during the registration process, so corporate administrators can more easily track key distribution and usage. Today’s announcements increase support for enterprise management of devices and users. There are six major improvements that we are announcing today: This standard makes it easier to write web applications that use FIDO Authentication, which is now supported across the five major endpoint operating systems (Windows, MacOS, Linux, Android, ChromeOS, and iOS). Level 2 is the latest version of the standard, which is maintained by the W3C organization and was released in April. ![]() The FIDO2 WebAuthn protocol is a set of application programming interfaces (APIs) that describe how to enable authentications inside browser sessions. These enhancements come at an appropriate time, given the increased demand and rate of adoption for FIDO methods as the pandemic and remote work continues throughout the world. Both are significant advances in extending FIDO’s capabilities specifically for enterprise users and supporting more complex application use cases. Today we are announcing enhancements to two of the core FIDO protocols, the Client To Authenticator Protocol (CTAP) v2.1 and WebAuthn Level 2 – which collectively comprise FIDO2. ![]() By David Turner, Director of Standards Development, FIDO Alliance
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |