What is FDO, and why is it important?

It is projected that there will be more than 30 billion IoT devices in 2025. These Internet-connected devices will provide a broad range of new experiences, but weak security could make each one a potential source of attacks.

FIDO Device Onboarding (FDO) is a new-generation secure IoT protocol designed to address two key components of IoT security: supply chain security and passwords. FDO was developed by the FIDO Alliance based on the same guiding principles used for FIDO Authentication: convenience, security and privacy. See the FIDO Alliance whitepaper for more background or the FDO proposed standard.

How does it work?

Today, to set up an IoT device, the owner needs to either enter credentials in the factory, even if the device is weeks or months away from being on the shelves, or make users go through a tedious, insecure enrollment process. In these scenarios it is extremely hard to maintain the security of the supply chain, as malicious devices may pretend to be genuine IoT devices. Additionally, issues with user experience lead to weak passwords, unchanged default passwords, and password reuse by both manufacturers and end users.

FIDO Alliance FDO

[Figure: FDO diagram]

Authenticate 2021

FDO, Vouchers & Authentication
Speaker: Bill Leddy, LoginID

LoginID is seeking partners to build a secure IoT ecosystem around FDO

As a starting point, we are hosting FDO services for developers to experiment with. We will have more announcements over the next several months, so check back frequently.

Let's discuss how we can work together: fdo@loginid.io

How to get started?

The Example FDO Client SDK on GitHub can be used as a starting point for testing. To access the FDO services, add the following rendezvous service to your device configuration:

Currently only demorv.loginid.io is available while we are testing our solution, but in the future rv.loginid.io and fdo.cloud will point to a stable production server. We advise all participating manufacturers to include all of the RV endpoints to maintain long-term device compatibility.
Please note that rv.fdo.cloud, rv.loginid.io and demorv.loginid.io are FDO Rendezvous service endpoints with a programmatic interface, not a browser interface. Your browser won't show anything.

rv.fdo.cloud 80 HTTP