Friday, August 14, 2015

FIDO U2F Security Key

More about the FIDO U2F Security Key

Each Security Key has an individualized secure chip which performs cryptographic functions triggered by a simple touch of the key. You never see the details, but behind the scenes FIDO U2F Security Key provides a unique public and private key pair for each application it protects. Only those keys can correctly complete the cryptographic challenge required for login.
The secure chip is of the same class as those used in SIM Cards, electronic passports, military electronic IDs and chip-and-pin credit cards. Like those devices, the chip is specially “hardened” so it’s extremely difficult to steal the secrets hidden inside. The secrets contained in the Security Key belong to the end-user exclusively and are never transferred, copied or stored by a service provider or any other application provider.
This is not a biometric device, instead it uses a capacitive sensor activated by the small bit of electricity the human body naturally produces.

The Skinny on Universal Second Factor (U2F)

FIDO U2F is an emerging open authentication standards initiative with strong support from more than 120 end-user and vendor companies in the FIDO Alliance, a consortium working to bring strong authentication to the masses.
U2F breaks the mold for high-security, public-key hardware devices by removing the complexity of drivers, clients software and the traditional costly certificate authority (CA) model. With FIDO U2F, one single device can be used with any number of online services with no user information or encryption keys shared between the service providers.
Internet and cloud services can dramatically improve the security of their existing password infrastructure by adding a simple but strong, U2F-based second factor for login.
For more information, you can access the full U2F Specifications on the FIDO Alliance website.

More from Yubico

Take a look at our other Yubico YubiKeys, which support a range of authentication methods and security features in different combinations and form factors including one-time passcodes, OATH, Challenge-Response, Smart Card functionality (including OpenPGP and PIV), MIFARE, and Near-Field Communications.
Learn more about how you can integrate FIDO U2F protocol with your online service at developers.yubico.com

No comments:

Post a Comment