ETA Expert Insights: FIDO Designs Faster Deployments

By Dale Laszig

FIDO, which stands for Fast Identity Online, was founded in 2012 by PayPal, Lenovo, Nok Labs, Validity Sensors, Infineon, and Agnitio. They are working to change authentication through open standards that are more secure than passwords, more straightforward for consumers, and more accessible for service providers to deploy and manage.

Reflecting on ETA’s and FIDO’s longstanding relationship, Jodie Kelley, CEO at ETA, stated ETA members have worked closely with FIDO on secure, seamless approaches to authentication.

“As part of our approach to fighting fraud, ETA member companies are leveraging the FIDO standard,” Kelley said. “We support FIDO’s efforts to protect consumers when they shop online by providing secure alternatives to passwords.”

FIDO’s latest innovation, Passkey, launched in March 2022, provides fast, easy, secure sign-ins to websites and apps across multiple devices. Passkey users can sign in with a biometric, PIN or security key rather than a username and password, FIDO representatives noted, and without having to re-enroll devices or accounts each time, they sign in.

Declining Password Usage
The 2022 Online Authentication Barometer, published Oct. 18 by the FIDO Alliance, indicates global password usage has declined by 5 to 9% across financial services, work computers and accounts, social media, streaming services, and smart home devices compared to last year.

Andrew Shikiar, executive director and CMO of the FIDO Alliance, was pleased to see a 1 to 4% uplift in multi-factor authentication (MFA) over the past year but noted some service providers were using outdated and phishable MFA methods. “Organizations should all have the implementation of modern, phishing-resistant authentication on their roadmaps, whether via on-device biometrics, FIDO security keys, or passkeys,” he said in a statement.

Principled Design
Kevin Goldman, chief experience officer at Trusona, and Allyson Wagner, senior user experience designer at IDEMIA, recently announced a collection of assets that simplifies FIDO deployments to embody FIDO’s core principles: security, simplicity, and privacy.

“The FIDO Design System is an adaptable collection of journeys, principles, patterns, content, and assets,” Goldman said. “Our intention for putting all this together is to make FIDO deployments simpler and faster for product designers, project managers, product managers, and engineers by filling the gaps they might have around authentication in their design systems.”

Wagner agreed, stating the design system, currently in pilot mode, will help people kickstart FIDO projects as the UX Committee continues to enhance and expand the system. Accessibility, a significant consideration in designing the framework, ensures all users have access, including people who use assistive technology.

She described the five components of the FIDO Design System as follows:

Journeys
Journeys help organizations and individuals see big-picture goals and identify necessary steps to achieve them.

• Organizations can use FIDO journeys to orient their teams at every deployment stage.

Patterns
Patterns help stakeholders learn how to sequence FIDO workflows to help ensure simplicity, security, and consistency across all FIDO authentication experiences.

• To simplify this process, FIDO offers various patterns that participants can browse, copy and paste, or copy and adapt to fit their needs.

Content
Content includes words, labels, phrases, symbols, illustrations, and narratives that have been used or tested.

• Content can be copied, pasted, and adapted in much the same way as patterns, with the ultimate goal of reducing content development time.

UI Kit
The user interface (UI) kit is ready to use collection of UI components and styles, which can be combined with patterns and content to help create efficient prototyping.

• Designed to reduce prototype development time, the UI kit can be copied, pasted, and adapted according to each organization’s requirements.

Diverse Perspectives
The FIDO Design System is a collaborative effort that depends on feedback and is not done in a vacuum. FIDO UX Committee actively seeks input from product managers and UX teams from the community.

By driving the adoption of smart, secure alternatives to passwords through the FIDO standard, advanced technologies and supportive frameworks can begin their passwordless journey.