Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Operations //

Identity & Access Management

9/23/2014
12:00 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Alibaba Joins FIDO Alliance Board

Mountain View, CA. and Hangzhou, China– September 23, 2014 – The FIDO (Fast IDentity Online) Alliance (http://www.fidoalliance.org/), an industry consortium revolutionizing online authentication with standards for strong authentication, and Alibaba Group ("Alibaba") (NYSE: BABA), a world leading online and mobile commerce company, announced today that Alibaba has joined the FIDO Alliance as a board member. Alibaba’s payments business, Alipay is among the first to deploy FIDO technology for secure payments authentication with FIDO Alliance founding member Nok Nok Labs. Committed to its mission to make it easy to do business anywhere, Alibaba can benefit those who rely on the largest online and mobile commerce company in the world with easy-to-use, secure, private FIDO authentication.

“Our many businesses and services are enriched by authentication that creates a better and more reliable user experience, as well as insightful risk management. We look forward to participating on the FIDO Alliance board, and assuring that commerce and authentication are uniquely cooperative and seamlessly compatible,” said Ni Liang, Alibaba group, senior director, department of security.

“With their huge local and global influence, Alibaba is a very important addition to the FIDO ecosystem and a welcome member of the FIDO Alliance board of directors. The board will benefit greatly from Alibaba’s experience and influence throughout Asia,” said FIDO Alliance president Michael Barrett. “Pivotal organizations, like Alibaba, can rapidly impact adoption of FIDO authentication by facilitating strong authentication for its hundreds of millions of users. We enthusiastically welcome Alibaba to the FIDO Alliance board, and we anticipate their important influence on the first industry standards for universal strong authentication: FIDO standards.”
FIDO Alliance members commit to share technology and collaborate to deliver open specifications for universal strong authentication that enables FIDO-compliant authentication methods to be interoperable, more secure and private, and easier-to-use.

FIDO specifications will support a full range of authentication technologies, including biometrics such as fingerprint, eye and iris scanners, voice and facial recognition, as well as further enabling existing solutions and communications standards, such as Trusted Platform Modules (TPM), USB Security Tokens, embedded Secure Elements (eSE), Smart Cards, Bluetooth Low Energy (BLE), and Near Field Communication (NFC). The open specifications are being designed to be extensible and to accommodate future innovation, as well as protect existing investments. FIDO specifications allow the interaction of technologies within an interoperable infrastructure, enabling authentication choice to meet the distinct needs of users and organizations.

About Alibaba Group
Alibaba Group's mission is to make it easy to do business anywhere. The company is the largest online and mobile commerce company in the world in terms of gross merchandise volume. Founded in 1999, the company provides the fundamental technology infrastructure and marketing reach to help businesses leverage the power of the Internet to establish an online presence and conduct commerce with hundreds of millions of consumers and other businesses.
Alibaba Group's major businesses include:
Taobao Marketplace (www.taobao.com), China's largest online shopping destination
Tmall.com (www.tmall.com), China's largest online third-party platform for brands and retailers
Juhuasuan (www.juhuasuan.com), China's most popular online group buying marketplace
AliExpress (www.aliexpress.com), a global online marketplace for consumers to buy directly from China
Alibaba.com (www.alibaba.com), China's largest global online wholesale platform for small businesses
1688.com (www.1688.com), a leading online wholesale marketplace in China
Alibaba Cloud Computing (www.aliyun.com), a leading provider of cloud computing services to businesses and entrepreneurs
Alibaba Group also provides payment and escrow services on its marketplaces through its association with Alipay (www.alipay.com), a related company of Alibaba Group.
Through China Smart Logistics, a 48%-owned affiliate, Alibaba Group operates a central logistics information system that connects a network of express delivery companies in China.

About The FIDO Alliance
The FIDO (Fast IDentity Online) Alliance, www.fidoalliance.org, was formed in July 2012 to address the lack of interoperability among strong authentication technologies, and remedy the problems users face with creating and remembering multiple usernames and passwords. The Alliance plans to change the nature of authentication by developing standards-based specifications for simpler, stronger authentication that define an open, scalable, interoperable set of mechanisms that reduce reliance on passwords. FIDO authentication is stronger, private, and easier to use when authenticating to online services.

The FIDO Alliance Board of Directors includes leading global organizations: Alibaba Holdings (NYSE: BABA); ARM Holdings plc (LSE: ARM and NASDAQ: ARMH); Bank of America Corporation (NYSE:BAC); BlackBerry®; CrucialTec (KRX: 114120); Discover Financial Services (NYSE: DFS); Google; IdentityX; Lenovo; MasterCard (NYSE: MA); Microsoft (Nasdaq "MSFT"); Nok Nok Labs, Inc.; NXP Semiconductors N.V. (NASDAQ:NXPI); Oberthur Technologies OT; PayPal (NASDAQ:EBAY); Qualcomm, Inc. (Nasdaq: QCOM); RSA®; Samsung Electronics, Ltd (KOSCOM: SECL); Synaptics (NASDAQ: SYNA); Visa Inc. (NYSE: V); Yubico.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
The Cold Truth about Cyber Insurance
Chris Kennedy, CISO & VP Customer Success, AttackIQ,  11/7/2019
6 Small-Business Password Managers
Curtis Franklin Jr., Senior Editor at Dark Reading,  11/8/2019
Black Hat Q&A: Hacking a '90s Sports Car
Black Hat Staff, ,  11/7/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-18862
PUBLISHED: 2019-11-11
maidag in GNU Mailutils before 3.8 is installed setuid and allows local privilege escalation in the url mode.
CVE-2019-18853
PUBLISHED: 2019-11-11
ImageMagick before 7.0.9-0 allows remote attackers to cause a denial of service because XML_PARSE_HUGE is not properly restricted in coders/svg.c, related to SVG and libxml2.
CVE-2019-18854
PUBLISHED: 2019-11-11
A Denial Of Service vulnerability exists in the safe-svg (aka Safe SVG) plugin through 1.9.4 for WordPress, related to unlimited recursion for a '<use ... xlink:href="#identifier">' substring.
CVE-2019-18855
PUBLISHED: 2019-11-11
A Denial Of Service vulnerability exists in the safe-svg (aka Safe SVG) plugin through 1.9.4 for WordPress, related to potentially unwanted elements or attributes.
CVE-2019-18856
PUBLISHED: 2019-11-11
A Denial Of Service vulnerability exists in the SVG Sanitizer module through 8.x-1.0-alpha1 for Drupal because access to external resources with an SVG use element is mishandled.