Myntech Passwordless Identity solution (MPI) is based on FIDO
FIDO is what’s called a “standard.” Like WiFi, or Bluetooth. It works on any web browser and on all of your devices, including our smartphone, desktop or laptop computer, tablet, or smartwatch. FIDO makes logging in to your online accounts much easier, while keeping your info safe from hackers and trackers.
FIDO2 cryptographic login credentials are unique across every website, never leave the user’s device and are never stored on a server. This security model eliminates the risks of phishing, all forms of password theft and replay attacks.
Users unlock cryptographic login credentials with simple built-in methods such as fingerprint readers or cameras on their devices, or by leveraging easy-to-use FIDO security keys. Consumers can select the device that best fits their needs.
Because FIDO cryptographic keys are unique for each internet site, they cannot be used to track users across sites. Plus, biometric data, when used, never leaves the user’s device.
Inside the FIDO2 Specifications
Web Authentication (WebAuthn)
WebAuthn enables online services to use FIDO Authentication through a standard web API that can be built into browsers and related web platform infrastructure. It is a collaborative effort based on specifications initially submitted by FIDO Alliance to the W3C and then iterated and finalized by the broader FIDO and W3C communities. WebAuthn was designated an official web standard in March 2019. It is currently supported in Windows 10 and Android platforms, and Google Chrome, Mozilla Firefox, Microsoft Edge and Apple Safari web browsers.
WebAuthn allows users to log into internet accounts using their preferred device. Web services and apps can – and should – turn on this functionality to give their users an easier login experience via biometrics, mobile devices and/or FIDO security keys — and with much higher security over passwords alone.
How it works
Once a website has turned on FIDO, you'll be able to login with three easy steps
- Facial Scan
- Security Key
- Local PIN
Online Crypto Protocol Standardization
FIDO standardizes the authentication protocol used between the client and the online service. The protocol is based on standard public key cryptography — the client registers a public key with the online service at initial setup. Later, when authenticating, the service verifies that the client owns the private key by asking it to sign a challenge. The protocol is designed to ensure user privacy and security in the current day state of the internet.