The Go-To Standards Body for Identity Management Protocols Sees First Products Released
The FIDO Alliance is a fast-growing consortium of identity vendors, product companies and service providers working on protocols and standards to strongly authenticate users and personal devices online. With a fresh focus in this traditionally complicated field, FIDO envisages simply “doing for authentication what Ethernet did for networking”.
Launched in early 2013, the FIDO Alliance has now grown to over 130 members. Included are: technology heavyweights like Google, Lenovo and Microsoft; payments giants Discover, MasterCard, PayPal and Visa; and e-commerce players like Netflix. There are also a couple of dozen biometrics vendors, many leading Identity and Access Management (IDAM) solutions and services, and almost every SIM and smartcard supplier.
FIDO is different from anything else in the field. The typical elevator-pitch in IDAM promises to “fix the password crisis”1– usually by changing the way business is done. Most IDAM initiatives unwittingly replace clear-cut technology problems with business transformation problems. In contrast, FIDO’s mission is refreshingly clear: it seeks to make strong authentication interoperable between devices and servers. When users have activated registered FIDO-compliant devices, verified details about their devices and the status of their logons become available to service providers. FIDO leverages the ubiquity of sophisticated handsets and the storm-surge of smart things and wearables.
In February 2014, the FIDO Alliance released its first two protocol drafts for public comment. In the same month, at the Mobile World Congress in Barcelona, the first FIDO-enabled application went live: PayPal’s fingerprint-controlled payment app for the Samsung Galaxy S5. Since then, the Alliance has continued to add significant new members from all corners of the identity ecosystem. Constellation notes in particular recent joiners Aetna, Bank of America, Gemalto, Giesecke & Devrient, Goldman Sachs, Netflix, RSA, Salesforce, Samsung and Visa.
With its focus, pragmatism and membership breadth, FIDO is today’s go-to authentication standards effort. In this report, Constellation looks at what the FIDO Alliance has to offer vendors and end user communities, and its critical success factors. While it’s early days and FIDO is tracking strongly, we also offer suggestions to help keep the mission strong.
This is the latest installment in Constellation’s continuous coverage of the FIDO Alliance. Each new report retains sufficient background so newcomers can quickly get up to speed with the Alliance, its objectives and its work, and presents our analysis of the most significant developments in applications and the membership. The earlier reports were:
- Update on the FIDO Alliance, February 2, 2014
- The FIDO Alliance, December 20, 2013
This report offers insights into four of Constellation’s primary business research themes: Next-Generation Customer Experience, Matrix Commerce, Technology Optimization and Innovation and the Future of Work.