FIDO Passkey – hardware keys for secure authentication in online applications

Definition FIDO Token – What does FIDO mean?

What is a FIDO hardware token and what is the integrated U2F all about? This portrait gives you an overview and introduces you to the powerful FIDO tokens for all your online applications.

The passkey looks like a USB-stick, similar to the one you use on your laptop. Many FIDO tokens are in fact used in the same way, simply by inserting them into your USB port. FIDO stands for “Fast Identity Online” and was created by the FIDO Alliance. A FIDO token is a non-commercial security mechanism that replaces your personal passwords or secure PIN for logging into online applications. Instead, FIDO security keys use secure protocols and standards to perform two-factor authentication (U2F). The system behind this is based on public key cryptography, which digitally signs your transaction. Instead of a password, a PIN or fingerprint authentication is used. Data encryption based on two keys is asymmetric. One key is private, the other is a public key. If you frequently use debit or credit cards, you can register them via FIDO for convenient payment. The current FIDO standard is constantly being reviewed to maintain the highest level of security and is currently considered the most secure authentication process available – an excellent solution not only for secure online payments, but also for many other applications.

What makes a FIDO token different from other encryption mechanisms?

Classical encryption systems perform authentication based on password protection. Since most users have different passwords to log onto different applications, it often happens that the password is forgotten or the wrong one is being entered. For example, if you make a quick payment and enter the wrong password several times, many institutions will block access to the authentication process. Recovering the password is often time-consuming and impractical. In addition, simple passwords can be easily guessed or logically traced. Many users use the same password for different applications. This significantly increases the security risk. The FIDO technology closes this gap by making authentication highly complex and extremely user-friendly. Whether MITM attack or phishing: with a token based on the FIDO standard, you choose a powerful, practical and convenient solution for online authentication.

Who is a FIDO token suitable for?

These small and practical hardware keys are not only intended for private use but are increasingly implemented in all sorts of businesses and public institutions. This holds true especially in municipalities providing critical infrastructure, as well as in schools and universities. Here, the FIDO technology is a sensible solution suitable for everyday use. This is especially true since the digitalization of public institutions is advancing rapidly. In addition, local authorities and government agencies are increasingly in the focus of hacker attacks and other attempts to steal data. The two-factor authentication integrated in many FIDO products provides comprehensive protection and raises the level of security in public institutions.

The following industries and institutions in particular benefit from the use of a FIDO token:

Banks and financial service providers

Automotive industry

Electrical engineering and electronics industry

Energy and environmental industry

Pharmaceutical and healthcare industry

Educational institutions

Municipalities, city councils

District offices

Building authorities, traffic authorities

and many more

What is the U2F technology built into FIDO?

U2F stands for “Universal 2nd Factor” and is also known as two-factor authentication. In addition to an external factor, an internal factor is used to legitimize access. This is usually a PIN that must be entered for the purpose of authorization. The external factor can be a push message to the mobile phone, for example via SMS. A code sent in this way must be entered on the external device and is often tied to a short time limit. Once this has expired, a new code can be requested. Since authentication according to the U2F standard is not exclusively linked to the internet, two-factor authentication is considered very secure. This is an ideal basis to combine with the security standards of FIDO technology to create a highly complex authentication system.

What are the benefits of a FIDO token?

The authentication for your desired online application is based on a multifactor method as well as on an asymmetric encryption of a private and public key. This combination results in an extremely high level of security that is difficult to crack. In practice, the FIDO security key has the advantage that you don’t have to remember any passwords for your access. FIDO technology also eliminates the security risks associated with written passwords. With a token based on FIDO technology, you can fend off malware, phishing and hacker attacks. Furthermore, a FIDO token is ideally suited for devices that are used both privately and professionally. For example, the risk of company data being breached from your laptop while surfing the Internet privately, is reduced to an extremely low level with a FIDO token.

In addition, the token is so small that it does not interfere with your work on the laptop. It works by plugging into your laptop’s USB port like any other USB stick. This gives you full flexibility in your digital applications – without any restrictions in security.

What are the FIDO token product lines and what are their features?

The following types of FIDO passkeys are available for online authentication:

• Standard
• NFC
• Biometric

ePass FIDO – Standard tokens at an attractive price

If you are looking for a classic token at a particularly attractive price, the ePass FIDO token is the right choice. The token comes in a metal or plastic housing and has a convenient touch button. Its compact size means it is not bulky and is ideal for everyday use on a laptop. In addition, the housing is waterproof and performs its task extremely reliable, even in a humid environment. You can register an unlimited number of accounts on a standard token. This means that the FIDO token offers you an unlimited range of applications. It is also suitable for all computer platforms, requires no driver and is recognized as an HID device. Use it for Microsoft Windows, Linux or even macOS. The USB Type C connector makes the token compatible with today’s computer technology. But because many older laptops and desktops only have USB Type A ports, these standard FIDO tokens are also available with USB Type A connectors.

ePass FIDO NFC – Token for use with mobile devices

The innovative FIDO technology also works on mobile devices such as smartphones or tablets that don’t have USB-ports. In this case, all you need is a FIDO token with an NFC interface. For the token to work with mobile devices, it is important that these have a built-in NFC sensor. Simply hold the FIDO security key in front of the NFC sensor of your mobile device and the FIDO technology can carry out the complex authentication process. Note that the option to communicate via NFC must be enabled in the settings of your mobile devices. Only then can the FIDO technology establish a secure connection between the security key and the NFC sensor on the mobile device. These FIDO tokens are key-shaped, light and small and come in a robust and waterproof housing made of calcium carbonate and ABS. High-quality injection moulding technology is used in the production process.

You can also order a FIDO NFC token with a USB Type C or USB Type A connector.

BioPass FIDO2 – Biometric fingerprint recognition token

Because each fingerprint is unique, it is ideal for authentication. For additional security to all the security mechanisms already mentioned, a FIDO token with a biometric sensor is an excellent choice. As an authorized user, only you can authenticate yourself as the user. Unauthorized use by others is not possible without your fingerprint on such a token. With biometric fingerprint recognition, you can prevent possible misuse of the token by others. Even if you lose your FIDO token, you hardly need to worry as it can only be used with your own fingerprint, ensuring the security of your registered accounts are still guaranteed. A BioPass FIDO2 token holds the fingerprint data in an encrypted file. This is to ensure no one can obtain your biometric data from the FIDO token. You can use these biometric FIDO tokens to unlock your mobile devices conveniently and efficiently with just a touch of your finger. The BioPass FIDO2 tokens with USB Type A or Type C come in two elegant designs. In addition, we offer token cards with embedded biometric readers as well.

iePass FIDO – Token for Apple devices based on iOS

Do you use Apple devices? Then you need one of our iePass FIDO authentication tokens. In addition to an integrated dual interface for USB Type C, the token includes an interface for the Apple Lightning connector. The security key is certified for both FIDO and MFi. Visually, the key is easily recognizable by its distinctive dual interface design, which enables you to use this FIDO token for Android and Apple devices.

What should be done if the security key is lost?

As with any credit card or debit card, it is important to deactivate the token within the application / account. This will give you ease of mind even though a breach of your accounts is highly unlikely, even if someone in possession of your FIDO key were to try an access your account. Once the lost FIDO key is deactivated from accessing your account, you can then order a new security key and reconfigure U2F authentication using new security features.

Conclusion

PCP Europe offers a wide range of FIDO tokens, so you can choose the type that best suits your needs. The PCP team will be happy to help you with choosing the right token. Benefit from PCP’s expertise, world-class security standards and attractive volume discounts!