FIDO Standards the client
FIDO Standards is designed to create ecosystem of client Authentication Methods that can be used with a variety of Service Providers in an interoperable manner.
FIDO Standards define the authentication protocol
used between the client
and the Service Providers
. The protocol
is based on standard Public Key cryptography
The client registers a Public Key with the Service Providers at initial setup. Later, when authenticating, the service verifies that the client owns the Private Key by asking it to sign a challenge. The FIDO protocol is designed to ensure user privacy and security.
FIDO Standards define a common API
at the client
for the local authentication
method that the user exercises. The client
can be pre–installed on the Operating System
or web browser
Different Authentication Methods such as secure PIN, biometrics and other Authentication Factor devices can be "plugged in" via this standardized interface into the client.
The FIDO 2.0 Specifications were submitted to the W3C on November 12, 2015 for formal standardization. These are provided here for historic reference only. Implementers are encouraged to work with the Web Authentication API specification.
There might be more information for this subject on one of the following: