Hideez Assists FIDO Alliance in Launching the New Metadata Specification (MDS3)

FIDO MDS3

With the demise of password-based security and a growing diversity of authenticators over the last few years, a new streamlined repository to add and view FIDO Certified authenticators has long been needed. And here comes the Metadata Service version 3! The service was upgraded by the FIDO Alliance in collaboration with Hideez Group and introduced this week as a replacement to the deprecated MDS2.

What is MDS?

Metadata Service (MDS) is a centralized web repository of the Metadata Statement. FIDO MDS is a credible source of information about FIDO authenticators, their certification status, and security issues. Organizations deploying FIDO can use it to validate authenticator attestation and prove device authenticity.

Additionally, organizations can utilize certification information to comply with necessary regulations and use it to strengthen their security policies by restricting devices with certified-only policies.

Why is MDS3 better than legacy MDS2?

MDS3 brought a lot of improvements and advancements over the legacy MDS2. For comparison:

FIDO MDS2:
● In-house PKI
● Monthly publication cycle
● Complicated UI
● Requires an access token
● Requires to download metadata files individually (100s of requests)

FIDO MDS3:
● Commercial PKI by GlobalSign
● Improved UI and UX
● No longer requires an access token
● Simplified API to download metadata - one BLOB with all metadata statements
● Improved schema - replaced numerical values and bitfields with strings identifiers
● Daily publication cycle
● Cloud backed global caching

 

FIDO Metadata Service Interface

The updated Metadata Service UI

 

Legacy MDS2 will be deprecated in October 2022. Affected companies should start working on migrating to MDS3.

Since joining FIDO Alliance in December 2020, Hideez Group has been leading its efforts in FIDO. Hideez certified its security key, developing new FIDO products, presenting and pushing ecosystem adoption forward with its Enterprise Server.

 

For more information, visit https://fidoalliance.org/metadata