Fido Alliance has launched a new certification program that includes security evaluations against basic, scalable attacks conducted by third party laboratories
FIDO (Fast IDentity Online) Alliance
is an open industry association that develops technical specifications and certifications to enable an open, scalable and interoperable set of mechanisms that reduce the reliance on passwords to authenticate users and protect against phishing, man-in-the-middle and replay attacks using stolen passwords.
At the moment, there are more than 300 authentication solutions certified as compliant with FIDO UAF and FIDO U2F specifications, which focus on functional requirements. FIDO has just launched a new certification program. This new program currently includes Level 1 and Level 2 certification for authenticators. Level 1 focuses on functional requirements and protection against basic and at-scale attacks. Level 2 certification
includes Level 1 requirements plus additional security requirments to ensure protection against scalable attacks. Level 2 evaluations are conducted by accredited third party security laboratories.
FIDO has accredited Applus+ Laboratories to conduct Level 2 security evaluations. The new L2 certification program has just opened for admissions and the FIDO Alliance expects that the first batch of L2 certified authenticators will be issued in August.