Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Analytics

12/12/2013
02:56 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Microsoft Joins FIDO Alliance Board Of Directors

Microsoft to work with the FIDO Alliance to produce open standards

Mountain View, Calif - December 12, 2013… The FIDO (Fast IDentity Online) Alliance, an industry consortium revolutionizing online authentication with the first standards-based specifications, today announced that Microsoft has joined the Alliance as a member of the Board of Directors. Microsoft is committed to working with the FIDO Alliance to produce open standards that will ensure interoperability among strong authentication methods and technologies. Representing the preeminent desktop and enterprise software vendor, and as the third leading mobile platform provider to join the FIDO Alliance board, Microsoft joins Google, BlackBerry and many other industry leaders in making FIDO specifications the global standard for post-password authentication.

FIDO members commit to share technology and collaborate to deliver open specifications for universal strong authentication that enables FIDO-compliant authentication methods to be interoperable, more secure and private, and easier to use. Microsoft software runs on hundreds of millions of devices, and the technology leader maintains clear leadership in enterprise, desktop and laptop markets. Users of Microsoft products and services will have a variety of choices for better authentication that overcomes the prevailing reliance on passwords. FIDO authentication is designed with a core focus on privacy − all biometric or personal identifying information (PII) stays local on the user’s device and is never shared to the cloud or over the network.

“Microsoft and the many global leaders joining our endeavor in the last ten months validates the work of the FIDO Alliance, and clearly indicates the imminent sea change set to move the world from a dependency on passwords to universal strong authentication,” said Michael Barrett, president of the FIDO Alliance. “Clearly, the Alliance is recognized as the foremost place to effect the changes needed to ensure future authentication that is simultaneously easier to use, more secure, and private. We welcome Microsoft to our board of directors and value the contributions that only Microsoft can make to benefit enterprises and users everywhere.”

"Microsoft has a track record of unwavering commitment to security and significant contributions to open standards organizations. Joining the FIDO Alliance board of directors is a logical step for us as a way to serve our customers and the community,” said David Treadwell, Corporate Vice President, Microsoft. “As a contributor to the FIDO Alliance working groups on next generation authentication, we look forward to furthering our innovation and thought leadership in the identity space."

"Microsoft joining Fido Alliance's Board is a key milestone to reaching the post UN/PW Authentication era of strong Authentication," said Sami Nassar vice president & general manager Authentication, NXP Semiconductors. "With the support from industry leaders across the value chain, from semiconductors to relying parties, FIDO adds cloud security without compromising privacy and simplicity for consumers and enterprise users."

Open FIDO specifications will support a full range of authentication technologies for operating systems, including biometrics such as fingerprint and iris scanners, voice and facial recognition, as well as existing solutions and communications standards, such as Trusted Platform Modules (TPM), USB Security Tokens, embedded Secure Elements (eSE), Smart Cards, Bluetooth Low Energy (BLE), and Near Field Communication (NFC). The open specifications are being designed to be extensible and to accommodate future innovation, as well as protect existing investments. FIDO specifications allow the interaction of technologies within a single infrastructure, enabling security options to be tailored to the distinct needs of each user and organization.

About The FIDO Alliance

The FIDO (Fast IDentity Online) Alliance, www.fidoalliance.org, was formed in July 2012 to address the lack of interoperability among strong authentication technologies, and remedy the problems users face with creating and remembering multiple usernames and passwords. The Alliance plans to change the nature of authentication by developing standards-based specifications for better authentication that define an open, scalable, interoperable set of mechanisms that reduce reliance on passwords. Better authentication is stronger, private, and easier to use when authenticating to online services.

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 8/3/2020
Pen Testers Who Got Arrested Doing Their Jobs Tell All
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/5/2020
New 'Nanodegree' Program Provides Hands-On Cybersecurity Training
Nicole Ferraro, Contributing Writer,  8/3/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Changing Face of Threat Intelligence
The Changing Face of Threat Intelligence
This special report takes a look at how enterprises are using threat intelligence, as well as emerging best practices for integrating threat intel into security operations and incident response. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-15058
PUBLISHED: 2020-08-07
Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to elevate privileges because the administrative password can be discovered by sniffing unencrypted UDP traffic.
CVE-2020-15059
PUBLISHED: 2020-08-07
Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to bypass authentication via a web-administration request that lacks a password parameter.
CVE-2020-15060
PUBLISHED: 2020-08-07
Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to conduct persistent XSS attacks by leveraging administrative privileges to set a crafted server name.
CVE-2020-15061
PUBLISHED: 2020-08-07
Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to denial-of-service the device via long input values.
CVE-2020-15062
PUBLISHED: 2020-08-07
DIGITUS DA-70254 4-Port Gigabit Network Hub 2.073.000.E0008 devices allow an attacker on the same network to elevate privileges because the administrative password can be discovered by sniffing unencrypted UDP traffic.