FIDO

Since 2014 Daon has been a full, voting, board-level member of the FIDO Alliance, an industry consortium which proposes specifications for strong, interoperable online authentication. Daon is active in the Technical Working Groups driving the specifications and the IdentityX Server was one of the first group of servers certified as compliant with the Universal Authentication Framework (UAF) Specification.

FIDO Universal Authentication Framework (UAF) Specification

The FIDO UAF specification allows services to offer password-less and multi-factor security. The user authenticates locally to their device and then the device authenticates securely to IdentityX using public key cryptography. This ensures that the client's credentials are not transmitted and cannot be phished.

The IdentityX server together with the IdentityX Client SDKs on both iOS and Android have been certified UAF compliant. IdentityX provides the scalability, configurability, reliability and performance around that specification. The extensions to the FIDO UAF specification allow Daon to provide customers with further benefits over and above the specification.

FIDO 2 and W3C Web Authentication

W3C

FIDO 2 is the set of specifications for next generation authentication from the FIDO Alliance. The Web Authentication APIs have been developed by the FIDO Alliance in conjunction with the World Wide Web Consortium (W3C). This brings secure authentication to internet browsers and has been implemented by Google, Microsoft and Mozilla.

stick

IdentityX fully supports Web Authentication and this allows relying parties to add hardware tokens (U2F) and inbuilt platform authenticators such as Windows Hello and Android Fingerprint readers to their services.

Learn more about IdentityX and FIDO

For more information on Daon, the FIDO compliance of IdentityX, or our work with FIDO Alliance on ease of use, standardization, privacy and security, get in touch with us here.