FIDO Alliance Releases Security Testing Program

Register now

The Fast Identity Online Alliance has established its FIDO Certified testing program for products and services that support the alliance's security specifications.

Thirty-one security authentication providers are already certified and are selling their products, FIDO said in a May 21 press release.

The FIDO Alliance industry consortium began its work three years ago, seeking authentication frameworks and second factors that would help organizations and individuals eventually eliminate passwords in e-commerce.

“FIDO certification satisfies a need to ensure that implementations of the FIDO specification are uniform across products and that those products are interoperable,” Brett McDowell, executive director of the FIDO Alliance, stated in the release.

The FIDO Certified program offers oversight that vertical industries need "to hasten the adoption of strong authentication products that stretch across enterprise boundaries and the range of mobile and other devices key in today’s computing environment,” McDowell added.

The new FIDO Certified testing program complements the previous FIDO Ready program, which was the first brand to define FIDO tested products.

The first FIDO Certified testing sessions were held San Jose and Mount View, Calif.

Future testing sessions will occur every 90 days, or as demand dictates, FIDO said.

MasterCard became the first card network to join the alliance in October of 2013, around the same time it was involved in initiatives with Visa and American Express to replace payment card account numbers with a secure token for online or mobile purchases.

Discover joined the FIDO Alliance board two months later, joining Google, PayPal and others.

Most major technology and security firms, including Nok Nok Labs, Oberthur Technologies, ValidSoft, Samsung, ARM and Alibaba, are FIDO Alliance members.

The alliance took what it called "a major step" in its efforts to wipe out passwords in December of 2014 when releasing its FIDO 1.0 specifications with the Universal Authentication Framework and Universal Second Factor, providing e-commerce merchants with a second authentication factor.

For reprint and licensing requests for this article, click here.