Simply insert your token and press the button and you are authenticated. It is really that simple!
When you register the FIDO security key, or token, to an account at a particular online service or website (called the origin), the token creates a new key pair specific to that origin and gives the origin its public key to associate with your account. The browser also sends a hash of the origin site to the token. The hash of origin is a combination of protocol, hostname, and port. It serves as a unique ID for your token to recognize, like a signature. Afterwards, when you sign in to your account as usual, the origin site can check—in addition to your username and password—whether the registered HyperFIDO token is present or not by verifying a signature created by the token.
Universal 2nd Factor (U2F) is an open authentication standard that strengthens and simplifies two-factor authentication using specialized USB or NFC devices based on similar security technology found in smart cards. While initially developed by Google, the standard is now hosted by the FIDO Alliance.
FIDO's aim is that its specifications will support a full range of authentication technologies, including biometrics such as fingerprint and iris scanners, voice and facial recognition, as well as existing solutions and communications standards, such as Trusted Platform Modules (TPM), USB security tokens, embedded Secure Elements (eSE), smart cards, and near field communication (NFC). The USB security token device may be used to authenticate using a simple password (e.g. 4-digit PIN) or by pressing a button. The specifications emphasize a device-centric model. Authentication over the wire happens using public-key cryptography. The user's device registers the user to a server by registering a public key. To authenticate the user, the device signs a challenge from the server using the private key that it holds. The key on the device are unlocked by a local user gesture such as a biometric or pressing a button.
FIDO specifications provides two categories of user experiences. Which one the user experiences depends on wheter the user interacts with the Universal Second Factor (U2F) protocol or the Universal Authentication Framework (UAF) protocol. Both FIDO standards define a common interface.
An NFC version of our FIDO U2F security key will be launched. These will be able to work with mobile devices that support NFC.
As you may know now FIDO supports DropBox, GitHub, Windows10, Google Apps and the list is growing.