Functional presentation

What is FIDO ?

FIDO (Fast Identity Online) main purpose is to reduce the use of passwords and improve authentication standards on desktop and mobile devices. FIDO is designed to protect personal security and privacy because private keys and biometrics, if used, never leave a person's device. You can swipe a fingerprint or enter a one-time PIN, for example, without needing to remember a complex password. FIDO is also supported by major browsers and operating systems.

 

What is Worldline solution ?

Worldline is proposing FIDO2 Webauthn solution for web in order to provide 2-Factor Authentication with a simple and pleasant user experience. The solution is fully standardized and combine a possession factor with the following list of authenticators :

 

Authentication factors compatible with FIDO 2​

  • Fingerprint (with device sensor)​
  • Face recognition ​
  • PIN of the operating system (Windows, iOS…)​
  • FIDO hardware tokens
  • Memorized path

Integration modes

Pop-up (managed by the browser via WebAuthn…)

Delivery modes

Full API mode

 

Main features

Biometrics from any device

All the biometric sensors can be used :  fingerprint computer’s  sensor, mobile’s biometric sensors, camera…

Multi-use cases

FIDO authentication can suits any use case. (online banking use cases, 3DS use cases, with emvCO2.3 and SPC, delegated authentication…)

Frictionless UX

No app or plug-ins are needed to be installed from the user.

 

How does it works ?

 

FIDO

 

Here are the components of the solution.

On the device is the Relying Party (RP) Application that runs in the browser. The application calls for WebAuthn APIs to reach FIDO authenticators.

The RP Application calls the RP App Server to perform FIDO Authentication. The RP App Server is linked to the application that manages the FIDO authentication context.

The RP App Server calls the WL FIDO Server, which is a shared certified server that manages FIDO enrolment and authentication.

 

Architecture of the authentication process

architecture fido

 

How does it look ?

Step 1

Before validating a transaction, you can check the context. Click on “validate” to start the authentication.

step 1 fido

Step 2

Scan your finger on the biometric sensor to authenticate your transaction.

step 2 fido

Step 3

If your fingerprint is recognized, you are authenticated.

step 3 fido

Step 4

Your transaction is validated.

step 4 fido

 

What does Worldline offer ?

The solution relies on the certified FIDO Server by Worldline that manages the enrollment and authentication. This service is used by APIs. Any Relying Party Application Server that is known by the FIDO Server by Worldline can perform FIDO operations.

On the browser side, either the client application makes the calls to the WebAuthn APIs, or it can use the proposed Worldline SDK.

Enable "on this page" menu on doc section
On