01 September 2014

PayPal and Lenovo bid to eradicate passwords

12 February 2013  |  9010 views  |  1 Cheque with penci

PayPal and Lenovo have joined with other Internet and security companies to form the Fido Alliance (Fast Identity Online) with the aim of replacing password-based log-ins with an industry-supported open protocol tied to the actual device used to access online services.

Fido's standards-based approach automatically detects when a Fido-enabled device is present, and offers users the option to replace passwords with authentication methods embedded in the hardware. The standard will support a full range of technologies, including biometrics such as fingerprint scanners, voice and facial recognition, as well as existing authentication techniques, such as Trusted Platform Modules, NFC, one-time passwords and security tokens.

Vendors signing up to Fido must install the necessary protocols on their servers and convince users to install new authentication software on their Internet-connected phones and computers where it is not already available.

Michael Barrett, Fido Alliance president and PayPal chief information security officer, says: "By giving users choice in the way they authenticate and taking an open-based approach to standards, we can make universal online authentication a reality. We want every company, vendor, and organisation that needs to verify user identity to join us in making online authentication easier and safer for users everywhere."

He says Fido-compliant smartphones, tablets, PCs and laptops can replace password dependency and exposure of sensitive user information by automatically and transparently providing user credentials when they're required.

The approach has won the support of Lenovo, the world's second-largest PC manufacturer. Mark Cohen, VP and general manager, ecosystem and monetization, Lenovo, says: "Recognising that our customers wanted more than just passwords for authentication, we began shipping ThinkPad PCs with integrated fingerprint readers nearly a decade ago. We are excited about the new Fido standard because it enhances both security and convenience, enabling biometric and other forms of authentication to take place directly between the user and the service that he or she is trying to use."

Other Alliance participants include biometric vendors Agnitio and Validity Sensors and server authentication start-up Nok Nok Labs. Fido is inviting other companies to join the effort in a bid to create a global standard.

Comments: (1)

Jonathan Rosenne - QSM Programming Ltd. - Tel Aviv | 12 February, 2013, 14:55

This would be something you have rather than someting you know, or did I get it wrong? If someone steals my phone would he have access to my log-ins?

Comment on this story (membership required)
Log in to receive notifications when someone posts a comment

Related blogs

Create a blog about this story (membership required)

Related stories

17 January, 2013
13 December, 2012
06 June, 2012
12 October, 2011
04 October, 2011
18 April, 2011
02 February, 2010
29 October, 2009

Related company news

 

Featured job

to AED 350k base, double OTE, housing allowance & ...
Dubai, Bahrain or Saudi Arabia

Find your next job