Fast Identification Online (FIDO) is an open standard for easy authentication between devices with non-existent interoperability. The FIDO standard supports Multifactor Authentication( MFA) and biometric authentication. To avoid the user having to work with different passwords, the credentials are stored in the smartphone.
The FIDO concept resembles an encrypted virtual container with strongly secured authentication including biometrics, security tokens, near field communication, Trusted Platform Modules( TPM), embedded security elements and Bluetooth. The concept has the advantage that users do not need to use complex passwords except for registration. The personal identification number( PIN) is usually sufficient for login. Users do not have to create passwords, no matter how memorable, do not have to follow complex rules or go through retry procedures in case of forgotten passwords.
FIDO uses two different protocols: the Universal Authentication Framework( UAF) with which the user can register an active device on a server or website that supports FIDO. In this case, user authentications are done using fingerprints or personal identification numbers (PIN), and logging in to the server is done using a secure public key. The second protocol is Universal Second Factor( U2F). It allows users to authenticate themselves on a second secure level, for example with a USB token. These two protocols are based on public encryption methods and are further developed and published by the FIDO Alliance.