The W3C has advanced Web Authentication (WebAuthn), a collaborative effort based on Web API specifications submitted by FIDO to the W3C, to the Candidate Recommendation (CR) stage. WebAuthn defines a standard web API that can be incorporated into browsers and related web platform infrastructure which gives users new methods to securely authenticate on the web, in the browser and across sites and devices.
WebAuthn has been developed in coordination with FIDO Alliance and is a core component of the FIDO2 Project along with FIDO’s Client to Authenticator Protocol (CTAP) specification. CTAP enables an external authenticator, such as a security key or a mobile phone, to communicate strong authentication credentials locally over USB, Bluetooth or NFC to the users internet access device (PC or mobile phone). The FIDO2 specifications collectively enable users to authenticate easily to online services with desktop or mobile devices with phishing-resistant security.
FIDO will soon launch interoperability testing and will issue certifications for servers, clients and authenticators adhering to FIDO2 specifications. In addition, FIDO will introduce a new Universal Server certification for servers that interoperate with all FIDO authenticator types.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now