New FIDO Alliance pushing 'fast-identity' strong authentication protocol

Client/server Online Security Transaction Protocol intended for flexible multi-factor authentication

A new industry group called the Fast IDentity Online Alliance, or FIDO Alliance for short, makes its debut Tuesday to promote adoption in e-commerce and websites an innovative authentication protocol that's intended to bring a higher level of security for online users.

The Online Security Transaction Protocol (OSTP), and its client/server components, work by gleaning information gained about the user's device, such as whether it has the Trusted Platform Module chip, or a webcam, or a fingerprint device or other biometrics, or two-factor authentication, and combine that though a cryptographic process to create a shared secret between the back-end server and the device. This OSTP-based type of multi-factor authentication process would be selectively invoked voluntarily by the user for security purposes in transactions, for instance, to assure the identity of the user, beyond simple login and password, to prevent fraud.

Page 2 of 2

Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and technology trends related to information security. Twitter: @MessmerE. Email: emessmer@nww.com.

Read more about security in Network World's Security section.