February 13, 2020

Apple joins password-free security association FIDO Alliance

By Ellen Daniel

Apple has joined the Fast Identity Online (FIDO) Alliance as a board member in a move towards password-free authentication.

FIDO is an open industry association with the goal is to help reduce the world’s over-reliance on passwords by introducing authentication standards that are more secure than passwords.

This includes developing technical specifications for alternatives to passwords, such as biometrics or security keys, as well as addressing inoperability between strong authentication devices. The FIDO Alliance currently has published three sets of specifications for “simpler, stronger authentication”.

According to a 2019 report by Verizon, 81% of data breaches are linked to passwords.

Apple becomes latest tech giant to join FIDO Alliance

The FIDO Alliance has several major tech companies as board members, including Amazon, Facebook, Google and Intel, as well as multiple chipmakers, financial institutions and other tech companies.

However, since it was founded in 2013, Apple has been notably absent.

Although Apple hasn’t made a formal announcement, it has been listed as one of the 40 or so “board level members” on FIDO’s website.

According to ZDnet, Apple added native support for FIDO-compliant security keys in December 2019,

Apple has already implemented several forms of biometric authentication, such as FaceID and TouchID, but this could be an indication that the rollout of more forms of passwordless technology, and even a move towards phasing out passwords across the Apple ecosystem could be coming.

Jake Moore, Cybersecurity Specialist at ESET:

“Strengthening the security of an account, whilst making it more convenient for the user, is a step in the right direction. As the private key is stored locally on the device, even if the website has suffered a data breach, the hackers would have no passwords to steal, minimising the risk of exposure online. People tend to struggle with the concept of cyber security so rendering it compulsory for them in a convenient way is the best way to add an extra layer of protection.”

Read more:Will biometrics drive up identity fraud? Half of British people think so.