FIDO2 authentication
With Digital Access Authentication Server, any FIDO2 compliant security key can be used to provide users password-less authentication. FIDO2 is a protocol name for a new, modern, simple, secure, phishing proof, password-less authentication developed by FIDO. It contains core specifications, WebAuthn and CTAP. Fast Identity Online (FIDO) Alliance is a consortium that works on these authentication protocols and standards.
FIDO2 has two types of the authenticators: security keys, and platform authenticators. Security Keys are physical devices that connect via USB, NFC, or BLE. Platform authenticators are built into the OS, for example iOS, Android, MacOS and Windows devices. FIDO2 Authentication standards are based on public key cryptography. Instead of relying on passwords, it uses a pair of cryptographic keys.
Nexus solution supports authentication using FIDO2 Security Keys. Users can register their credentials with cross-platform authenticators, that is, hardware security keys through Self-Service.
Features not currently supported are Attestation, Extensions and Custom timeout.