Definition

FIDO2 / WebAuthn aims to replace passwords with secure authentication based on public-key cryptography. Credentials are created and stored on hardware devices (so-called authenticators).

FIDO2 / WebAuthn are open industry standards that are published and maintained by the FIDO Alliance. All major tech corporations, such as Google, Microsoft or Apple, back the FIDO Alliance and make the standards available across their devices, operating systems and browsers. This leads to very high adoption of the standards.

Corbado provides the infrastructure for applications to communicate and implement these standards. This makes it easy to introduce strong, secure authentication on many user devices without requiring additional hardware.

FIDO2 vs. WebAuthn

The difference between FIDO2 and WebAuthn is that WebAuthn is a subset of FIDO2.

FIDO2 encompasses the two standards CTAP and WebAuthn.

WebAuthn is an API that allows applications to access credentials that are stored on a device via the browser.