For quite some time, Google has been trying to make passwords a thing of the past. Back in October, they announced Security Key, a physical USB key that’s part of the 2-step authentication process. They key is inserted into your computer, letting the computer know it’s actually you logging in. The groundwork for Security Key was developed by the FIDO (Fast Identification Online) Alliance, a group dedicated to developing alternative methods to verify a user’s identity online. Up until now, we haven’t heard much about the Security Key technology or FIDO making any progress.
Today, FIDO has released version 1.0 of their alternative password open standard. Version 1.0 will be more widely available for more sites to adopt the standard, and provide further cryptographic authentication to their users. Google’s Security Key is built on an earlier version of FIDO’s open standard, as is Samsung’s fingerprint scanner. This newer version is more stable and effective, and should be showing up around websites and apps within the coming months. FIDO’s open standard will also be updated next year with support for Bluetooth and NFC, allowing users to unlock their smartphones using even more types of technology.
So, what does this mean for you? Thanks to version 1.0, more online businesses will begin to adopt this technology, allowing you to use a physical USB key, fingerprint reader and/or other “password alternative” hardware (voice, bluetooth, etc) sooner rather than later. Even better, having one standard means that your device should work with services using FIDO technology, regardless of what OEM made it. Of course, this is a very substantial undertaking, so don’t be surprised if your favorite site or app doesn’t adopt the new standard right away.
FIDO’s standard incorporates ARM’s TrustZone technology. ARM has been doing a lot of work to improve security – read more about it here.
FIDO wants to rid the world of passwords and lead us into a world of authentication, and it looks like they’re doing a pretty great job so far. With backers like Google, PayPal, Samsung, Microsoft and many other big names, we wouldn’t be surprised if this technology took off in the near future. What do you think of the idea of using fingerprints, voice and USB keys as part of the login process? Are you eager to see the days of traditional, sometimes confusing, passwords come to an end?