Close panel

BBVA.com

Close panel

Close panel

Close panel

BBVA.com

Shareholders and investors

BBVA in the World

BBVA Earnings

Corporate information

Contact

BBVA financial information

Financial calendar

Latest news

BBVA Podcast

Press Room

Customer service via social networks

Special reports

BBVA webs

Careers at BBVA

Social media

Vulnerability Disclosure Program

English Español

Close panel

Debt investors

Sustainability and Responsible Banking

Corporate Governance and Remuneration Policy

Up

Cybersecurity Updated: 14 Jan 2020

What is FIDO? The new standard for online authentication

The new Fast Identity Online (FIDO) standard reinforces the security of online identity authentication systems on mobile devices and web applications. Its goal is to replace the exclusive use of passwords with more secure biometric authentication mechanisms that are protected by encryption systems.

BBVA-Biometria-Movil-fido-autenticación-online

Communications

Listen to audio Leer en español

Created by the world’s leading tech companies, the Fast Identity Online (FIDO) Alliance, strives to change the way online authentication takes place, making it more secure and convenient.

BBVA joins forces with Nok Nok Labs to boost the use of biometric authentication on its mobile banking services

BBVA has partnered with the authentication solutions company Nok Nok Labs — one of the driving forces behind the new FIDO (Fast Identity Online) standard aimed at strengthening the security of biometric systems on mobile devices. The agreement is part of BBVA's strategy to improve the security and user experience of its mobile banking services through state-of-the-art biometric capabilities.

Currently, passwords are most common method for online authentication - a system that could create problems as they must be complex to be secure, and if they’re complex they’re hard to remember. Even more so considering that users have an average of 90 online accounts, according to the FIDO Alliance.

In order to improve this situation and make online identity authentication more secure, the FIDO Alliance has created a series of interoperable technical standards that facilitate the creation of secure and fast login experiences on websites and apps. This makes user identification easier through the use of biometric systems like fingerprints or facial recognition, as well as second-factor or multi-factor authentication, which verifies that the person is who they say they are several times via different mechanisms.

The use of FIDO standards facilitates the secure integration of these authentication alternatives on mobile devices and web navigators. It is based on the use of public key encryption techniques, which provide a more robust and convenient identification method than the use of passwords as the only protection system.

How does it work?

When a user registers on an online service that utilizes the FIDO standard, the system generates a set of cryptographic keys, so that the private password is kept in the hardware of the device and the public password is saved on the online service. In order to authenticate a user’s identity, the customer’s device must show the online service that it has the private password by performing a mathematical verification. In fact, the customer’s private password can only be used once the user has unlocked the device locally. They can do so in a secure and simple manner with their fingerprint, voice, or by introducing a PIN.

As a result, the user’s privacy and access credentials are protected, and users are not forced to choose between better security and a better user experience - they can have both.

FIDO Alliance

Keep reading about