FIDO Authentication

FIDO Alliance (Fast Identity Online Alliance) is an internationally recognised organisation with an open standard, which Gallagher has implemented to enable fast, simple, and secure logon to the Gallagher SMB app. Behind the scenes, each user has a credential stored on their phone as part of the onboarding process. This credential is a security mechanism that allows our app to verify that the person accessing the cloud service is using an authorised device.

As part of the onboarding process, each user chooses a second means of authentication for logging into the app (the first means of authentication is the credential stored on their phone). The options presented to the user will depend on the options supported by their mobile phone. These include a passcode, or a biometric logon such as a fingerprint or facial recognition.

The value of FIDO authentication is that it provides a high level of security while being very simple to use. Each invited person chooses a means of logging into the app, which they are already familiar with because they already use this to unlock their mobile phone (e.g. a PIN, passcode or fingerprint).

FIDO’s main purpose is to provide a secure and simple means of authenticating from a mobile app to internet-based servers. They particularly wanted to remove the need for people to use passwords on the web, as weak or hacked passwords are known to be a major reason for security breaches.