Google announced that they are strengthening their 2-Step Verification by offering support for Security Key, a FIDO Ready™ U2F compliant physical USB second factor device that offers a simpler, stronger alternative to today’s six digit one-time passcodes (OTP). Google’s new Security Key solution offers even more protection for their most security-sensitive users. Rather than typing a code, the user just inserts a Security Key into their computer’s USB port and taps it when prompted in the Google Chrome browser. When signing into a Google Account this way, users can be assured that their second factor cannot be phished, because Security Key doesn’t provide its cryptographic signature when a fake site is attempting to impersonate a Google sign-in page in Chrome. Chrome incorporates the open FIDO Universal 2nd Factor (U2F) protocol, so other websites with account login systems can now build support for FIDO U2F into their web applications and instantly enable this experience for their users who run Chrome.
“We’re glad to participate in the FIDO Alliance, and to bring FIDO U2F support to Google and to Chrome,” said Sampath Srinivas, Product Management Director at Google and FIDO Alliance board member.
Several FIDO Alliance members are announcing their product lines of FIDO Ready devices that work with Google’s Security Key feature and any future deployments of FIDO U2F authentication. These FIDO Ready devices enable online service providers, enterprises, and users to take advantage of FIDO U2F authentication. Empowering users and enterprises by enabling choice from a range of interoperable strong authentication products is a hallmark of the FIDO Alliance. The emerging ecosystem of FIDO U2F products and services being announced, combined with the previously announced FIDO UAF offerings, represents a strong and vital marketplace of interoperable FIDO authentication choices available now and growing quickly.
FIDO standards will support a full range of authentication technologies, including biometrics, such as fingerprint and iris scanners, voice and facial recognition, as well as further enabling existing solutions and communications standards, such as Trusted Platform Modules (TPM), USB Security Tokens, embedded Secure Elements (eSE), Smart Cards, Bluetooth Low Energy (BLE), and Near Field Communication (NFC). The open standards specifications are being designed to be extensible and to accommodate future innovation, as well as protect existing investments. FIDO specifications allow the interaction of technologies within an interoperable infrastructure, enabling authentication choice to meet the distinct needs of users and organizations.
