Main Site
Intro
Product Feature
High-Level View
Features
Getting Started
Integration Overview Guide
Initial Setup
Demos & Sample Apps
Live DirectWeb Vue.js Demo
Live PHP Demo
Live Node.js Demo
Android Demo App
Node.js (Express)
Mobile - Client Side SDKS
Android
iOS
Flutter
React Native
Web - Client side SDKS
DirectWeb Integration
Server Side SDKS
OIDC Integration (Node.js)
PHP (laravel/lumen)
Federated OIDC Integration
Our Dashboard
Manage Users
Reports and Analytics
Support Docs
Glossary
Feature Flows
Learn about FIDO
OIDC Basics
Getting Started with LoginID API SDK
Tools for Seamless Adoption
LoginID Dashboard
Create your account
Login
Powered by GitBook

Glossary

Authenticator

A device that can generate and optionally store PKI credentials in FIDO format

Assertion

Data returned from the authenticator proving possession of the private key along with other metadata

Attestation

Data returned from the authenticator providing data about the authenticator and credentials it stores

CTAP

FIDO2 comes in two specification sets. One on the device side and the other on the browser side. CTAP is one (on the device side): client to authenticator protocol. This is the device protocol local so you can use an external device as an authenticator regardless of the primary device you are running the verification on.

FIDO2

A protocol to optimize the platform support. Main challenge is how to get millions of phones that already ship out of the box FIDO UAF support but can we get all of them. Can we get ubiquity for every android device, every windows device, every web browser? If so then this is a huge step towards a passwordless world.

OTP

One time Authentication.

Relying Party

The web application that requests and consumes the result of FIDO authentication. Can be an identity provider/SSO service or any other external authentication application.

U2F

Universal Second Factor (U2F).With U2F the service optionally can request a second factor at any time they choose. In this case, the user would have to have a fob, USB, or second device in order to login/register. This increases the chances that it's only you accessing this account since you would have to have more than one of your devices in order to login. The newest implementation is more secure than an old school time based, 6 digit codes since the cryptographic key being stored is only authorized with the website you set it to. It makes phishing with look-alike requests more difficult to accomplish.

UAF

Universal Authentication Framework (UAF) is meant as a replacement for simple authentication. With UAF, the user authenticates a device with the website, and then uses a biometric from that device going forward. The user then only needs to authenticate locally from that device going forward. The website can choose whether or not it will continue to store a password (seems dumb, but it's a choice the site can make).

User presence

The physical gesture used to determine a person is physically present

User verification

Process local to the authenticator to allow the generation of new credentials or sign a message with existing credentials. Can be a PIN, biometric, etc.

WebAthn

FIDO2 comes in two specification sets. One on the device side and the other on the browser side. WebAthn is one (on the browser side) Web API that brings in the FIDO authentication to the web browser.

Our Dashboard - Previous
Reports and Analytics
Next - Support Docs
Feature Flows
Last updated 7 months ago
Contents
Authenticator
Assertion
Attestation
CTAP
FIDO2
OTP
Relying Party
U2F
UAF
User presence
User verification
WebAthn