Google Launches Security Key, World’s First Deployment of Fast Identity Online Universal Second Factor (FIDO U2F) Authentication

FIDO U2F User Experience

The FIDO (Fast IDentity Online) Alliance (, a global industry consortium delivering open standards for simpler, stronger authentication, is announcing that Google is the latest member organization to deploy support for FIDO Alliance authentication standards.

Also, Google Chrome became the first web browser to implement support for FIDO Alliance authentication standards, opening the door for any website to deploy simpler, stronger FIDO U2F authentication to users of the world’s most popular web browser.

Google announced that they are strengthening their 2-Step Verification by offering support for Security Key, a FIDO Ready™ U2F compliant physical USB second factor device that offers a simpler, stronger alternative to today’s six digit one-time passcodes (OTP).

Google’s new Security Key solution offers even more protection for their most security-sensitive users.

Rather than typing a code, the user just inserts a Security Key into their computer’s USB port and taps it when prompted in the Google Chrome browser.

When signing into a Google Account this way, users can be assured that their second factor cannot be phished, because Security Key doesn’t provide its cryptographic signature when a fake site is attempting to impersonate a Google sign-in page in Chrome.

Chrome incorporates the open FIDO Universal 2nd Factor (U2F) protocol, so other websites with account login systems can now build support for FIDO U2F into their web applications and instantly enable this experience for their users who run Chrome.  

Security Key works with Google Accounts at no charge, and users can buy a compatible USB device directly from any tested and approved FIDO Ready U2F vendor.

“We’re glad to participate in the FIDO Alliance, and to bring FIDO U2F support to Google and to Chrome,” said Sampath Srinivas, Product Management Director at Google and FIDO Alliance board member.

“We congratulate Google for making FIDO U2F authentication an option for their users,” said Michael Barrett, president of the FIDO Alliance. “With large scale deployments of FIDO UAF in payments applications from PayPal, Samsung, AliPay, Nok Nok Labs, and Synaptics, and this announcement of FIDO U2F authentication by Google, there is no doubt that a new era has arrived. We are starting to move users and providers alike beyond single-factor passwords to more secure, private, easy-to-use FIDO authentication.”

“Secure element ICs revolutionized security for banking cards, ePassports and mobile payment,” said Sami Nassar, Vice President and General Manager of Cyber Security Solutions at NXP Semiconductors. “Today, through the FIDO U2F authentication protocol, secure element ICs bring a new level of security to user authentication for enterprise networks and consumer cloud services.”

“Browser support for FIDO U2F is a major step toward scaling high security public key authentication to the mass market,” said Stina Ehrensvard, CEO & Founder of Yubico, Inc. “With a U2F enabled device, users can now login to Google Accounts and any number of services with FIDO U2F support – with no drivers, client software or middleware needed!”

Several FIDO Alliance members are announcing their product lines of FIDO Ready devices that work with Google’s Security Key feature and any future deployments of FIDO U2F authentication.

These FIDO Ready devices enable online service providers, enterprises, and users to take advantage of FIDO U2F authentication.

Empowering users and enterprises by enabling choice from a range of interoperable strong authentication products is a hallmark of the FIDO Alliance.

The emerging ecosystem of FIDO U2F products and services being announced today, combined with the previously announced FIDO UAF offerings, represents a strong and vital marketplace of  interoperable FIDO authentication choices available now and growing quickly.

To begin using FIDO U2F authentication today, there are FIDO Ready devices, authenticators, open source solutions, and servers available now directly from the following vendors:

Duo Security,
Nok Nok Labs,
Plug-up International,
ST Microelectronics,
SurePassID; and

FIDO standards will support a full range of authentication technologies, including biometrics, such as fingerprint and iris scanners, voice and facial recognition, as well as further enabling existing solutions and communications standards, such as Trusted Platform Modules (TPM), USB Security Tokens, embedded Secure Elements (eSE), Smart Cards, Bluetooth Low Energy (BLE), and Near Field Communication (NFC).

The open standards specifications are being designed to be extensible and to accommodate future innovation, as well as protect existing investments.

FIDO specifications allow the interaction of technologies within an interoperable infrastructure, enabling authentication choice to meet the distinct needs of users and organizations.