Wave Systems Corp. (fka WAVXQ)

[wavedreamer]

Alea,

Look at what FIDO alliance is going though to get rid of passwords.

The TPM is a supported technology of allowing 2 factor authentication for the user ID and obviously there are Biometrics and Other Tokens involved. It's a really big playing field and look at what they say:)

"FIDO boss sees group settling into authentication stride

Summary: Challenges ahead, but three major deployments have consortium feeling it is in right place at right time with right ideas

By John Fontana for Identity Matters | October 30, 2014

Two years out from a promise to eclipse passwords, FIDO Alliance president Michael Barrett says conceptual roadblocks to success have vanished and progress in the next 6-12 months will bring legitimate strong authentication to the enterprise, help choke off major password hacks plaguing the Internet, and see hundreds of millions of FIDO-ready devices in the possession of people worldwide.

They are lofty expectations fraught with challenges, but Barrett’s optimism, refreshed at FIDO’s annual Plenary meeting earlier this month in Seoul, South Korea, is strong despite critics and buoyed by three recent and marquee FIDO deployments by Internet giants, Google, PayPal and Alipay, China’s leading online payment service.

Fast Identity Online (FIDO) is targeted at making devices and servers talk the same authentication language (as defined by open specifications) thus supporting an Internet authentication layer. Constellation Research analyst Steve Wilson has compared the consortium’s goal as doing for authentication what Ethernet did for networking.

“What was barely more than a wild idea in 2012 of a few guys who thought authentication could improve through standards is now turning into reality,” said Barrett.

He’s also passing around credit, saying end-users are clearly voicing their displeasure and feeling like they’ve been taken hostage by password maintenance.

“We have all gotten so used to what the password regime looks like, so not much of the world understands what [strong authentication] needs to look like,” Barrett said.

In an interview with ZDNet, Barrett focused on that picture. He discussed challenges still facing the 140-member consortium, getting FIDO specifications prepped for prime time, what ingredient is most needed in the membership mix, where FIDO fits in the larger picture of identity and access management, and why a password redo might actually work this time.

“The last time anybody tried to fix authentication through standards was x.509 and PKI,” says Barrett. “PKI was a brave experiment. You had to have a Ph.D. to install it, but it had a lot of good characteristics. It was just what it didn’t do very well, which was end-user authentication.”


Another obstacle is the fact FIDO is not a standards body, but as critics point out, a consortium of like-minded companies pushing specifications. It’s a modern model for standards work and very unlike traditional Internet Engineering Task Force procedures that vetted and approved most of the Web’s underpinnings.


Meanwhile, Barrett believes FIDO is poised to prove its worth from a starting line in the enterprise.

“Talk to any CISO about internal authentication and what they will tell you is current strong authentication is too expense and too painful for users,” says Barrett. “FIDO’s U2F protocol solves both, it is cheap and easy to use.”

Support for FIDO’s Universal Second Factor (U2F) is what Google added to its Chrome browser last week, giving Gmail users another level of protection against password hacks.

Barrett says criticism toward FIDO comes in the form of questions concerning the time it has taken the consortium to hone its specifications; U2F and the Universal Authentication Framework (UAF), which is at the heart of the PayPal and Alipay rollouts. Both specs are still in a draft stage.

“It has taken longer than what I had hoped for,” Barrett admits. But he adds it is important for it to be right “than rush something out that doesn’t work and has security holes.”


The Google, PayPal and Alipay rollouts validate for him that FIDO is on the right track.

He said the focus in 2015 will be supporting adoption work, working with end-users, user groups, and special interests focusing on specific use cases. The Alliance also will work on supporting those deploying the specs, help guide reference implementations, promote case studies, and educate regulators on the technology.

“There are buckets of work to do,” he said.


Etc....

http://www.zdnet.com/fido-boss-sees-group-settling-into-authentication-stride-7000035199/