PKI och FIDO2
Information security with PKI is often associated with smartcards and an intricate, tightly regulated allocation process. In a way, it is actually a little like having a new bank card or passport issued.
FIDO2 is an open authentication standard, just like PKI. Supported by most browsers, it is used for secure login to Microsoft Office 365, Google, Amazon, Salesforce and many other services on the net. You can now combine PKI with FIDO2, thus drawing even more benefit from your investment in Multifactor Authentication, MFA. The two methods neatly complement each other and are used for different purposes.
FIDO2 is considered to be easier to get started with, while PKI allows broader application, with almost endless opportunities to establish secure login, digital signature and encryption in the IT environment as a whole.
YubiKey which is a fast security key featuring a number of different protocols, was the first device to offer built-in FIDO2 support combined with storage of certificates under the PIV standard.
So you can now enjoy the best of both worlds. If you use PKI for secure login, email, etc. in the internal environment, FIDO2 can serve as a valuable supplement for external authentication for your Gmail inbox and other web-based services.
We have also noted the upcoming arrival of smartcards with built-in FIDO2 keys that combine the use of digital certificates (PKI).
Want to know more?