End of Passwords? Windows 10 To Support Biometric Authentication
End of Passwords? Windows 10 To Support Biometric Authentication
Identity and information theft has been a matter of significant concern over the years, with user login data being a vulnerable target for hackers.
To tackle the issue, Microsoft has announced that Windows 10 will include support for the latest iteration of the Fast Identification Online (FIDO) spec, allowing all devices running the OS to work with a variety of biometric readers.
In turn, this would give hardware makers the opportunity to build additional security mechanisms into laptops or phones, eliminating the need for passwords to access user accounts.
In his blog post, Microsoft’s Dustin Ingalls further stressed upon the corporate giant’s pledge to move past the password as the means for user authentication and security. Microsoft is currently involved in the design process for the version 2.0 specifications of FIDO in order to facilitate common goals.
What is FIDO?
FIDO is an open standard developed to tackle the lack of interoperability among strong authentication devices as well as the issues associated with creating and remembering multiple usernames and passwords.
It was launched in 2013 by a non-profit organization called the FIDO Alliance. Members of the alliance include ARM, Blackberry, Google, Master Card, Microsoft, PayPal, Samsung, Synaptics and Visa.
How does it work?
FIDO can be described as a virtual container that supports multiple authentications and encompasses a broad range of authentication systems, which include:
- Biometrics, such as fingerprint and iris scanners
- Voice and facial recognition
- USB security tokens
- Near Field Communication (NFC)
- Trusted Platform Modules (TPM)
- Embedded Secure Elements (eSE)
- Smart Cards
- Bluetooth
The sources of authentication, including biometrics and other personal identification, are stored locally on the user’s device, so as to alleviate concerns regarding privacy of personal data. Data from these authentication sources is used to create a local key, while the service requesting access gets a public login in order to keep user data private.