How many FIDO protocols are needed? Surveying the design, security and market perspectives

by   Anna Angelogianni, et al.

Unequivocally, a single man in possession of a strong password is not enough to solve the issue of security. Studies indicate that passwords have been subjected to various attacks, regardless of the applied protection mechanisms due to the human factor. The keystone for the adoption of more efficient authentication methods by the different markets is the trade-off between security and usability. To bridge the gap between user-friendly interfaces and advanced security features, the Fast Identity Online (FIDO) alliance defined several authentication protocols. Although FIDO's biometric-based authentication is not a novel concept, still daunts end users and developers, which may be a contributor factor obstructing FIDO's complete dominance of the digital authentication market. This paper traces the evolution of FIDO protocols, by identifying the technical characteristics and security requirements of the FIDO protocols throughout the different versions while providing a comprehensive study on the different markets (e.g., digital banking, social networks, e-government, etc.), applicability, ease of use, extensibility and future security considerations. From the analysis, we conclude that there is currently no dominant version of a FIDO protocol and more importantly, earlier FIDO protocols are still applicable to emerging vertical services.


page 1

page 2

page 3

page 4


Secure and Energy-Efficient Key-Agreement Protocol for Multi-Server Architecture

Authentication schemes are practised globally to verify the legitimacy o...

LemonLDAP::NG – A Full AAA Free Open Source WebSSO Solution

Nowadays, security is becoming a major issue and concern. More and more ...

Security of EV-Charging Protocols

The field of electric vehicle charging involves a complex combination of...

Is This Really You? An Empirical Study on Risk-Based Authentication Applied in the Wild

Risk-based authentication (RBA) is an adaptive security measure to stren...

DeFi Protocols for Loanable Funds: Interest Rates, Liquidity and Market Efficiency

We coin the term *Protocols for Loanable Funds (PLFs)* to refer to proto...

A Comprehensive Survey of Aadhar and Security Issues

The concept of Aadhaar came with the need for a unique identity for ever...

Evaluating User Perception of Multi-Factor Authentication: A Systematic Review

Security vulnerabilities of traditional single factor authentication has...

Please sign up or login with your details

Forgot password? Click here to reset