Categories: eCommerceMarketing

eBay Joins FIDO, Contributes Open-Source Authentication Server

The FIDO (Fast Identity Online) Alliance is gaining momentum, with eBay joining the effort and contributing a new open-source Universal Authentication Framework compliant server.

FIDO is a multistakeholder initiative whose aim is to enable stronger forms of authentication for online access. The big milestone event for FIDO occurred in December 2014 when the group announced the Universal Second Factor (U2F) and UAF 1.0 specifications.

With UAF, FIDO has built a specification that is designed to replace the need for traditional passwords by making use of other forms of authentication, including the use of biometrics—for example, a user’s fingerprint—to gain access. The U2F specification, in contrast, is all about enabling secure forms of two-factor authentication.

eBay is embracing FIDO to help solve a customer challenge that is increasingly growing.

Passwords

“We have some customer issues dealing with passwords, especially as our mobile app is growing at a fast rate,” Rajeev Angal, director of Trust and Identity Engineering at eBay, told eWEEK. “The mobile form factor is not an easy place to enter a password, and our customers have complained about it.”

Angal added that by embracing FIDO’s UAF, eBay could well find a way to get rid of passwords, replacing them with some more natural-like biometrics. Rather than attempting a unique vendor approach, he said eBay found FIDO’s UAF specification to be a powerful standards-based open-source model that works.

While eBay is embracing UAF, it is not yet embracing U2F as mobile is a primary paint point. Angal did add that eBay will likely be looking at U2F in the future as a possible option.

The eBay UAF effort is very much a work in progress and isn’t something that is generally available. The first key step, however, is making the UAF server open-source, where it is now publicly available for anyone to look at on GitHuband potentially contribute code. Angal demonstrated the eBay UAF server, including Android and iOS mobile clients, at a FIDO event in New York on March 31, where he said there was notable interest from new potential contributors. eBay will continue to test the UAF server for its own needs as well, while looking to build a community around it, he said.

eBay built the UAF server by looking at the UAF 1.0 specifications and then developing code.

“The eBay contribution is not only validation of the need for stronger authentication standards, but also it’s validation of the truly open standard that FIDO develops,” Brett McDowell, executive director at the FIDO Alliance, toldeWEEK. “An outside company [eBay] was able to read the specifications, build a server and a sample app, take it through testing and getting it formally certified while not being members of the FIDO Alliance.”

Looking forward, McDowell said FIDO is working on expanding the adoption of its specifications as well as improving the specifications.

“The next step is to get FIDO into the operating system of devices, and that is the ambition of FIDO 2.0, which is the next publication from us,” McDowell said.

Originally published on eWeek.

Sean Michael Kerner

Sean Michael Kerner is a senior editor at eWeek and contributor to TechWeek

Recent Posts

Northvolt Mulls US Bankruptcy Protection – Report

Troubled battery maker Northvolt reportedly considers Chapter 11 bankruptcy protection in the United States as…

2 days ago

FTC Plans Investigation Into Microsoft Cloud Business – Report

Microsoft's cloud business practices are reportedly facing a potential anti-competitive investigation by the FTC

2 days ago

Programmer Sentenced To Five Years In Prison For Bitcoin Laundering

Ilya Lichtenstein sentenced to five years in prison for hacking into a virtual currency exchange…

2 days ago

Hate Speech Watchdog CCDH To Quit Musk’s X

Target for Elon Musk's lawsuit, hate speech watchdog CCDH, announces its decision to quit X…

3 days ago

Meta Fined €798m Over Alleged Facebook Marketplace Violations

Antitrust penalty. European Commission fines Meta a hefty €798m ($843m) for tying Facebook Marketplace to…

3 days ago

Elon Musk Rebuked By Italian President Over Migration Tweets

Elon Musk continues to provoke the ire of various leaders around the world with his…

3 days ago