Identity

New FIDO specification drafts seeks secure passkey transfers

Share
Metallic key on blue keyboard button closeup view

Open authentication standards industry group FIDO Alliance has released a pair of specification drafts for Credential Exchange Protocol and Credential Exchange Format to advance the secure transfer of passkey across various providers and increase the adoption of cryptography-using authentication method, reports BleepingComputer.

While CXP details secure credential transfers via the Diffie-Hellman key exchange and hybrid public key encryption, CXF details a standard structure for such credential transfer, with JSON within ZIP being one of the proposed formats, according to FIDO Alliance, which created the drafts with the cooperation of its members and stakeholders, including Google, Bitwarden, NordPass, Dashlane, and 1Password. Organizations and other experts looking to aid in the development of both specifications have been urged to do so through the "fido-alliance / credential-exchange-feedback" GitHub page. While FIDO Alliance will continuously update the drafts to include newly added suggestions, it has yet to announce when both specifications will be finalized.

An In-Depth Guide to Identity

Get essential knowledge and practical strategies to fortify your identity security.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.