U2F is an open authentication standard that enables internet users to securely access any number of online services with one single security key instantly and with no drivers or client software needed. FIDO2 is the latest generation of the U2F protocol.

Note As of now FIDO supports google chrome.

U2F Advantages

  • Strong security — Strong two-factor authentication using public key crypto that protects against phishing, session hijacking, man-in-the-middle, and malware attacks.

  • Easy to use — Works out-of-the-box thanks to native support in platforms and browsers including Chrome, Opera, and Mozilla, enabling instant authentication to any number of services. No codes to type or drivers to install.

  • High privacy — Allows users to choose, own, and control their online identity. Each user can also opt to have multiple identities, including anonymous, with no personal information associated with the identity. A U2F Security Key generates a new pair of keys for every service, and only the service stores the public key. With this approach, no secrets are shared between service providers, and an affordable U2F Security Key can support any number of services.

  • Multiple choices — Open standards provide flexibility and product choice. Designed for existing phones and computers, for many authentication modalities, and with different communication methods (USB and NFC).

FIDO Configuration

Step 1

On cidaas user profile page, go to Physical Verification Setup and select Configure button seen under the FIDO U2F option

Step 2

The following screen appears on the web.

To scan the QR code presented, open your downloaded cidaas authenticator app and click on Add tab.

Step 3

Scan the QR Code displayed on your desktop.

Step 4

After scanning, the login screen is displayed on your phone. Login with your credentials.

Step 5

When you are authenticating, the loading screen will appear on your desktop.

Step 6

Once logged in, you need to configure FIDO NFC. simply insert the FIDO into a USB port or swipe it to NFC supported devices. The user’s device creates a new public/private key pair unique to the local device, online service and associated with the user’s account as in the below screen:

Public key is sent to the online service and is associated with the user’s account. The private key and any information about the local authentication method (such as biometric measurements or templates) never leave the local device.

Step 7

After successfull configured Fido NFC on your mobile, The below screen gets displayed both web and mobile:

FIDO U2F – Usage

Step 1

During login, select “Click here for passwordless authentication, Enter your email ID and click Proceed. Select Fido NFC to login.

Step 2

The screen waits for authentication.

At the same time, push notification will be received in your cidaas authenticator app.

If using the cidaas authenticator mobile app, we don't need to scan qrcode. It will automaticaly ask for the appropriate authentication information, based on the verification type you choose.

If you click allow button further verification steps 3 will continue. or otherwise you cann't able to authenticate.

On click of deny button the 'Notification Deny' screen will be shown, where user can select appropriate reason for denying the request and submit it. After that you won't be able to authenticate.

Step 3

Click on “Fido U2F”, touch or swipe your FIDO NFC. After the key icon is touched or swiped, the mobile device uses the user’s account identifier provided by the service to select the correct key and sign the service’s challenge.

Step 4

You have now successfully logged in to the application/web portal.

results matching ""

    No results matching ""