The FIDO Alliance is trying to boost adoption rates for FIDO security keys. To that end, the organization has published new user experience (UX) guidelines that are designed to make it easier to enable support for security keys in authentication workflows.
In more practical terms, the UX guidelines are a set of concrete steps that organizations can follow to design and implement a good login experience for anyone who wants to use a FIDO security key. The guidelines cover everything from enrollment all the way through to authentication, as well as management best practices. FIDO has also shared some educational tips for organizations that want to make people more aware of security key technology.
For its part, the Alliance believes that more people will be willing to embrace security keys if the customer journey is as seamless as possible. That, in turn, would close some of the gaps that exist in the current security environment. The Alliance noted that security keys are 100 percent effective against targeted attacks, making them one of the strongest forms of multi-factor authentication.
Major social media platforms like Twitter and Facebook have already introduced security key support, and the Alliance is hoping that that roster will expand thanks to the new guidelines. Security keys are physical hardware tokens that can be paired with a phone or a computer through a USB, Bluetooth, or NFC connection to verify someone’s identity based on a unique object that they have in their possession.
“One of our primary areas of focus is making FIDO more usable and accessible,” said Andrew Shikiar, executive director and CMO of the FIDO Alliance. “I strongly encourage service providers to leverage these best practices when rolling out FIDO Authentication.”
The security key UX guidelines were put together by the FIDO Alliance UX Task Force in collaboration with the research firm Blink UX. The Task Force has already published a UX guideline for desktop authentication, and is made up of representatives from several FIDO Alliance members, including security key specialists like Yubico and Trustkey.