Overview#

U2F device is an Authenticator, specifically, a FIDO Authenticator that supports the Universal Second Factor FIDO protocolU2F device, technically, is only supported for Multi-Factor Authentication (MFA) and not Passwordless Authentication as in CTAP2 and WebAuthN

U2F device interface types#

At the moment (2017-04-02) three interface types are specified in FIDO U2F.

• Universal Serial Bus (USB)
• Near Field Communication (NFC)
• Bluetooth (Classic and Smart aka Low Energy (BLE)).

Unlocking is a test of user physical presence and requires a token-specific Authorization Gesture, such as pushing a button on a USB device, tapping a U2F device to an NFC-enabled device such as a mobile phone or tablet, or pressing a button on a BLE-enabled token or fob.

The user can use the same FIDO U2F device on all online services that support the U2F device protocol.!! U2F device and WebAuthn Authenticator Existing FIDO U2F Security Keys are largely compatible with the Web Authentication API standard, though Web Authentication API added the ability to reference a unique per-account "user handle" identifier, which older hardware tokens are unable to store. Authenticators that only support the §8.6 FIDO U2F Attestation Statement Format have no mechanism to store a user handle, so the returned userHandle will always be null.!! More Information There might be more information for this subject on one of the following:

• FIDO Authenticator
• Universal Second Factor