Built-in FIDO Authenticators

Dear Readers,

This week’s blog is about how most of all IT breaches are due to stolen login credentials, mainly from static passwords or other weak authentication methods. AmbiSecure and FIDO-enable authenticators are here to stop account takeovers and advanced phishing attacks and make the internet safer for everyone.

The use of multi-factor authentication is vital, as it ensures that information is only accessed by the intended person, making it harder for cybercriminals to steal. If user data is less tempting, cyber thieves will go for a different one. Multi-factor authentication is a blend of two different factors. One is usually the username and password, which is something the user knows.

Ambimat Electronics, with its experience of over forty years, desires to draw the attention of its readers and potential customers towards this blog post about their new product called AmbiSecure key and how it will benefit us.

Built-in FIDO authenticators and AmbiSecure are making the internet safer for all

With passwords being vulnerable to cyberattacks many set out to protect individuals by making secure login simple and available for all. Large corporations, such as Google, and Microsoft also joined in to implement FIDO/WebAuthn compatible platform authenticators.

AmbiSecure has been focused on bringing portability, security, and privacy across all systems and devices.

Portable root of trust —

AmbiSecure can be used for all devices, including mobile devices and shared workstations. When computing device is lost or broken, AmbiSecure can be the prime authenticator or a cost-effective backup authentication key, as based on FIDO principles several authenticators can be registered to accounts. AmbiSecure is completely durable and do not require any batteries to operate.

Reducing the attack surface —

It is still safer to store cryptographic secrets in a more secure part of the phone than inside a software app; however, the risk is further mitigated when credentials are kept separate and outside of a complex, multipurpose device. A trustworthy supply chain is important for all authenticators, whether they are built-in or external. Intel SGX vulnerabilities illustrate the danger of constantly connected multipurpose hardware to the internet. Most certifications are concerned with interoperability, few review
cryptographic code, and none can guarantee the security of total systems, implementation, and supply chain.

Decentralization and ecosystem independence —

User credentials will be linked with the platforms and systems of major tech companies, including Google, Apple and Microsoft. These privacy trade-offs will be accepted by most users and consumer applications, but for others — high-risk individuals, large corporations, and governments — they may be a
concern.

A large portion of the population use the internet and they require simple, yet strong protection to login to their accounts. Weak authentication, static passwords, and stolen login credentials are the root cause for all breaches to happen. FIDO-enabled mobile device and AmbiSecure help stop account takeovers and prevent against sophisticated phishing attacks, ensuring that the internet is safe for all. Thanks to the AmbiSecure team and the open standard community the vision to provide safe and secure authentication to users around the globe has finally come true.

AmbiSecure: FIDO-based authenticator

FIDO2 is a standard that simplifies and secures user authentication. It uses public-key cryptography to protect from phishing attacks and is the only phishing-proof factor available. Corporations around the world and across many sectors, including healthcare, can benefit from Fast Identity Online or Fast ID Online (FIDO) authentication, which their employees and users can use to minimize security risks, and improve overall user experience. The AmbiSecure key and card is FIDO certified which offers superior security by combining hardware-based authentication and public key cryptography to effectively defend against phishing attacks and eliminate account takeovers.

AmbiSecure helps organizations accelerate to a password-less future by providing FIDO2 protocol support. Not only does FIDO2 supports two-factor authentication, but also paves the way for eliminating weak password authentication, with strong single-factor (passwordless) hardware-based authentication. The AmbiSecure provides a simple and intuitive authentication experience that users find easy to use, ensuring rapid adoption and organizational security. Ambisecure key or card does not require a battery or network connectivity, making authentication always accessible.

Reference:

https://www.yubico.com/blog/built-in-fido-authenticators-and-yubikeys-are-making-the-internet-safer-for-all/

Steps to go passwordless
Cyber Security best practices with the proliferation of employees working from home