HMS Core FIDO Helps Developers Quickly Build Secure Apps
Nowadays, users are becoming more and more aware of the importance of privacy and security protection when using apps. Therefore, protecting app security has become a top priority for developers.
HMS Core FIDO provides secure and trustworthy local biometric authentication and convenient online identity verification capabilities, helping developers quickly build security capabilities for their apps.
FIDO provides developers with biometric authentication (BioAuthn) capabilities, including fingerprint authentication and 3D facial authentication. It allows developers to provide secure and easy-to-use password-free authentication services for users while ensuring secure and reliable authentication results. In addition, FIDO provides FIDO2 client capabilities based on the WebAuthn standard, which supports roaming authenticators through USB, NFC, and Bluetooth, as well as platform authenticators such as fingerprint and 3D facial authenticators.
FIDO offers developers Java APIs that comply with the FIDO2 specifications. The user’s device can function as a FIDO2 client or a FIDO2 authenticator. When a user signs in to an app or signs in with a browser, they can verify their fingerprint using the fingerprint authenticator to complete sign-in without having to enter their password. This helps prevent security risks such as password leakage and credential stuffing. When a user uses the browser on their computer for sign-in or payment, they can use their mobile phone as a roaming authenticator to complete identity verification. FIDO can help developers’ apps safeguard user identity verification.
Most apps need to verify the identities of their users to ensure user data security, which usually requires users to enter their accounts and passwords for authentication, a process that may incur password leakage and bring inconvenience to users. However, such problems can be effectively avoided using FIDO. In addition, FIDO takes the system integrity check result as the premise for using the local biometric authentication and FIDO2 authentication. If a user tries to use a FIDO-enabled function in an app on an insecure device, such as a rooted device, FIDO can identify this and prohibit the user from performing the action. In addition, FIDO also provides a mechanism for verifying the system integrity check result using keys. Thanks to these measures, HMS Core FIDO can ensure that the biometric authentication results are secure and reliable.
In the future, Huawei will continue to invest in security and privacy protection to help developers build secure apps and jointly construct an all-encompassing security ecosystem.
For more information about FIDO, please visit its official website: https://developer.huawei.com/consumer/en/hms/huawei-fido/