FIDO publishes new authentication standards for post-password era

The Fast Identity Online (FIDO) Alliance has rolled the first specifications for two new security authentication standards - the Universal Authentication Framework (UAF) and Universal 2nd Factor (U2F) – which could see passwords replaced by USB thumb drives and biometric sensors.

The standards have been published with a view to making it possible to sign in to compatible services like email providers and social networks by using a digital fingerprint, a user's fingerprint or a USB thumb drive.

The UAF resolves around password-free biometrics while U2F advocates the use of a USB dongle for two-factor authentication. FIDO plans to include Bluetooth and NFC components as futher authentication methods during 2015.

FIDO has already been used by Google and Samsung for one-touch biometric authentication on the Samsung Galaxy S5 smartphone and Nok Nok Labs has adapted Apple's API to the FIDO standards.

Members of the FIDO Alliance – which comprise device manufacturers, online service providers (such as Google, MasterCard, PayPal, Visa) and enterprises - can now implement and broadly commercialise the specifications.

“Today, we celebrate an achievement that will define the point at which the old world order of passwords and PINs started to wither and die,” said Michael Barrett, president of the FIDO Alliance in a statement. “FIDO Alliance pioneers can forever lay claim to ushering in the ‘post password' era, which is already revealing new dimensions in Internet services and digital commerce.”