Government of Canada (GC) Guideline on Multi-Factor Authentication (MFA): Technical Recommendations for Authenticators to Support MFA Within the GC Enterprise Domain

2.3.1 Phishing (verifier impersonation) resistance

There are many different definitions for the term “phishing.” Some definitions are very narrow and focus on specific types of attacks while others are more general. In general, phishing is an attempt by a threat actor to trick a user into revealing sensitive information such as passwords or bank account numbers, or to do something that they should not, such as clicking on a malicious link that downloads malware.

In the context of authentication, phishing resistance is defined as the ability of the authentication protocol to detect and prevent disclosure of authentication secrets and valid authenticator outputs to an impostor RP without reliance on the vigilance of the user.^{Footnote 19} More specifically, phishing-resistant authenticators provide strong protection against a type of adversary-in-the-middle attack known as verifier impersonation. This is where a threat actor lures a user to a fake website positioned between the user and the legitimate verifier or RP.^{Footnote 20} The threat actor poses as the legitimate verifier website to the user, and as the user to the legitimate verifier, in order to gain unauthorized access to the user’s account or resources the user is attempting to access. Protection against verifier impersonation is provided by channel binding or verifier name binding.

Note that phishing-resistant authenticators use asymmetric cryptography to support verifier impersonation resistance. Authenticators that require the user to manually enter the authenticator output such as passwords, OOB authenticators with number matching or OTP authenticators are not resistant to verifier impersonation since the authenticator output is not bound to the specific session being authenticated.

At LoA 4/AAL3, at least one of the authenticators must be phishing resistant. It is also strongly recommended that at least one of the authenticators at LoA 3/AAL2 should be phishing resistant. However, there are authenticators and authenticator combinations permitted at LoA 3/AAL2 that are not inherently phishing resistant. In these cases, compensating security measures must be implemented as part of the authentication process in order to mitigate the risk of successful phishing attacks.^{Footnote 21} For example, ensuring that the user is authenticating from a GC-managed device,^{Footnote 22} verifying the device is configured properly, and detecting anomalous geolocations can help to compensate for the lack of phishing-resistant authenticators. In addition, user awareness and training is an important mitigation measure that can help to prevent successful phishing attempts. However, note that these examples are not meant to represent an exhaustive list. Furthermore, as the threat landscape evolves, so too must the compensating security measures, and therefore departments should continually monitor and adjust as necessary.

The guidance for phishing-resistant authenticators is summarized as follows:

• LoA 2/AAL1: no stipulation
• LoA 3/AAL2: recommended, otherwise additional security measures as discussed above need to be implemented
• LoA 4/AAL3: required

Additional sources of information regarding phishing resistance include:

• Cybersecurity and Infrastructure Security Agency: Implementing Phishing-Resistant MFA
• Office of Management and Budget M-22-09: Moving the U.S. Government Toward Zero Trust Cybersecurity Principles^{Footnote 23}

2.3.2 Cryptographic key protection

Cryptographic authenticators may be based on symmetric or asymmetric cryptography and may be implemented in software or hardware. In all cases, the secret keys (in the case of symmetric cryptography) or private keys (in the case of asymmetric cryptography) used to support the user authentication process must be protected from unauthorized use, disclosure or modification.

How cryptographic authenticators protect the cryptographic keys will depend on the type of authenticator (for example, software versus hardware) as well as the LoA/AAL at which it is used, and may be implemented in several ways including the use of a trusted platform module (TPM),^{Footnote 24} secure element (SE)^{Footnote 25} or trusted execution environment (TEE).^{Footnote 26}

Both ITSP.30.031 v3 (see Table 6) and NIST SP 800-63B (see Sections 5.1.6.1 through 5.1.9.1) provide guidance regarding cryptographic key protection. In addition, specific requirements at each credential LoA/AAL include:

• LoA 2/AAL1: cryptographic keys may be stored on disk or other “soft” media as long as they are strongly protected against unauthorized disclosure by the use of access controls that limit access to the key to only those software components on the device requiring access^{Footnote 27}
• LoA 3/AAL2: suitable TPM-, SE- or TEE-required private signing keys must be generated on and must not be exported from the TPM, SE or TEE,^{Footnote 28} and all cryptographic operations to support user authentication must be performed within the boundary of the TPM, SE or TEE; additional guidance includes:
  • software TPMs as defined by the Trusted Computing Group (see Appendix C) must not be used and, if supported on the computer platform or mobile device, must be disabled
  • MF cryptographic software authenticators that store the cryptographic keys on disk or other soft media are not permitted at LoA 3/AAL2 or higher
  • it is recommended that SF or MF OTP software authenticators used at LoA 3/AAL2 or higher operate on a hardware device such as a GC-managed mobile device (that is, smartphone) physically separate from the general-purpose computer platform
• LoA 4/AAL3: separate dedicated hardware such as a discrete TPM (see Appendix C) or embedded SE is required, the cryptographic keys must be generated and securely stored on dedicated hardware and must not be exportable, and all cryptographic operations to support user authentication must be performed within the boundary of the dedicated hardware; additional guidance includes:
  • platform-independent hardware authenticators dedicated to the authentication function are required (for example, a FIDO2 roaming authenticator or PKI-based smart card)^{Footnote 29}
  • the activation factor used to unlock or activate an MF cryptographic hardware authenticator such as a PKI-based smart card should be securely communicated either through a trusted path (that is, does not flow through the computer platform’s operating system) or by entering the activation factor directly on the smart card or card reader (for example, a fingerprint scanner on the card or card reader)

In addition, for MF authenticators, each authentication operation requires the input of the associated activation factor to unlock or activate the authenticator. Submission of the activation factor must be a separate operation from unlocking of the host device (for example, computer platform or smartphone), although the same activation factor used to unlock the host device may be used in the authentication operation.^{Footnote 30}

Cryptographic module validation requirements are addressed in Section 2.3.3 below.

2.3.3 Cryptographic module validation

As stipulated in ITSP.30.031 v3 and NIST SP 800-63B, cryptographic modules must be validated to meet the requirements of Federal Information Processing Standard (FIPS) 140^{Footnote 31} as follows:

• cryptographic authenticators used at LoA 3/AAL2 must be validated to at least FIPS 140 Level 1
• single-factor cryptographic hardware authenticators used in conjunction with another authenticator at LoA4/AAL3 shall be validated at FIPS 140 Level 1 or higher overall, with at least Level 3 physical security
• multi-factor authenticators used at LoA 4/AAL3 shall be hardware cryptographic modules validated at FIPS 140 Level 2 or higher overall, with at least Level 3 physical security

Note: There is no stipulation at LoA 2/AAL1 for authenticators, although see NIST SP 800-63B, Section 4.1.2, for verifier requirements.

Cryptographic authenticators must operate only in FIPS mode. Only cryptographic algorithms recommended in ITSP.40.111 shall be used, and any relevant security protocols shall be configured as recommended in ITSP.40.062.

2.3.4 Adversary-in-the-middle resistance

“Adversary in the middle” (AitM),^{Footnote 32} formerly referred to as “man in the middle” (MitM), is when a threat actor is positioned between two communicating parties in order to intercept and/or alter data travelling between them. In the context of authentication, the threat actor could be positioned between a user and a credential service provider during enrolment or authenticator binding, or between a user and a verifier.^{Footnote 33}

As stipulated in ITSP.30.031 v3 and NIST SP 800-63B, communication between the user and the verifier must be via an authenticated protected channel (for example, TLS) to provide confidentiality of the authenticator output and resistance to AitM attacks at LoA 2/AAL1 and higher. However, the degree of AitM resistance can vary as described in the next paragraph.

A protocol is considered to be weakly resistant to AitM attacks if it provides a mechanism for a user to determine whether they are interacting with the real verifier or RP, but still leaves the opportunity for the non-vigilant user to reveal an authenticator output to an unauthorized party that can then be used to masquerade as the user to the real verifier or RP. For example, sending a password over server-authenticated TLS is weakly resistant to AitM attacks. The web browser allows the user to verify the identity of the verifier or RP; however, if the user is not sufficiently vigilant, the password can still be revealed to an unauthorized party. A protocol is said to be strongly resistant to AitM attacks if it does not rely on the vigilance of the user to prevent disclosure of authenticator outputs to an unauthorized party masquerading as the verifier or RP. An example of such a protocol is client-authenticated TLS, where the browser and the web server mutually authenticate one another using PKI. Authentication protocols that can detect verifier impersonation, as discussed in Section 2.3.1, are strongly resistant to AitM attacks.

Specific AitM resistance guidance is:

• LoA 2/AAL1: at least weak resistance is required
• LoA 3/AAL2: at least weak resistance is required; however, note that at least one phishing-resistant authenticator is recommended, as stipulated in Section 2.3.1
• LoA 4/AAL3: strong resistance is required, at least one phishing-resistant authenticator is required, as stipulated in Section 2.3.1

2.3.5 Replay resistance

An authentication process resists replay attacks if it is impractical to achieve a successful authentication by recording and replaying a previous authentication message. Protocols that use nonces or challenges to prove the “freshness” of the transaction are resistant to replay attacks. Examples of replay-resistant authenticators are OTP authenticators, cryptographic authenticators and look-up secrets. In contrast, memorized secrets are not considered replay resistant because the authenticator output – the secret itself – is provided for each authentication.^{Footnote 34}

The replay resistance guidance provided in ITSP.30.031 v3 and NIST SP 800-63B is adopted (with the exception of the modified LoA 2/AAL1 guidance) as follows:

• LoA 2/AAL1: recommended^{Footnote 35}
• LoA 3/AAL2: required
• LoA 4/AAL3: required

2.3.6 Authentication intent

The latest guidance available from NIST SP 800-63B-4 (Second Public Draft) describes authentication intent as follows:

An authentication process demonstrates intent if it requires the claimant to respond explicitly to each authentication or reauthentication request. The goal of authentication intent is to make it more difficult for authenticators (e.g., multi-factor cryptographic authenticators) to be used without the claimant’s knowledge, such as by malware on the endpoint. The authenticator itself shall establish authentication intent, although multi-factor cryptographic authenticators may establish intent by reentry of the activation factor for the authenticator.

Authentication intent may be established in several ways. Authentication processes that require the claimant’s intervention can be used to prove intent (e.g., a claimant entering an authenticator output from an OTP authenticator). Cryptographic authenticators that require user action for each authentication or reauthentication operation can also be used to establish intent (e.g., by pushing a button or reinsertion).

The presentation of biometric characteristics does not always establish authentication intent. For example, using a front-facing camera on a mobile phone to capture a face biometric does not constitute intent, as it can be reasonably expected to capture a face image while the device is used for other non-authentication purposes. In these scenarios, an explicit mechanism (e.g., tapping a software or physical button) shall be provided to establish authentication intent.

The NIST authentication intent guidance is adopted as follows:

• LoA 2/AAL1: not required
• LoA 3/AAL2: recommended
• LoA 4/AAL3: required

Note that if a single-factor cryptographic hardware authenticator is used in conjunction with a strong password at LoA 4/AAL3, authentication intent must be established by requiring physical input from the user (e.g., the pressing of a button) in order for the authenticator to operate. However, note that the act of pressing the button to confirm physical presence does not constitute an additional authentication factor.

2.3.7 FIDO-specific considerations

An overview of the FIDO Alliance specifications and W3C WebAuthn recommendation, including some of the technical details relevant to this subsection, are provided as Appendix B. The reader should be familiar with the terminology and concepts discussed in Appendix B before proceeding further with this subsection.

2.3.8 Implementation guidance summary

Table 2.4 provides a summary of the recommendations made in the previous subsections. Note that this is an abbreviated summary only; the referenced section should be consulted for additional details. Also note that there are no stipulations with respect to LoA 1 authenticators since they are not permitted.

2.4.1 Authenticator binding

Binding authenticators to a specific identity is critical to ensure that the right user is accessing the appropriate resources (for example, accounts, applications, services and information). Binding a user to one or more authenticators occurs during the user enrolment process, and it can also occur later by using previously issued authenticators to bind new authenticators.

Guidance with respect to authenticator binding is provided in Section 6.1 of NIST SP 800-63B. Section 6.1.2.1 of NIST SP 800-63B addresses the use of authenticators at a given level of assurance to bind other authenticators at the same or lower LoA. Section 6.1.2.2 of NIST SP 800-63B addresses the possibility of using a single-factor authenticator to add a different type of second-factor authenticator, potentially raising the level of assurance from LoA 2/AAL1 to LoA 3/AAL2 (depending on the authenticators). An example is when a user authenticates to a web service using a previously registered userid and password and then registers a something you have authenticator (for example, a FIDO authenticator) to be used as a second factor from that point forward.^{Footnote 39}

However, use of an existing userid and password to bind an additional second-factor authenticator does not guarantee that the user account has not already been compromised, so the user attempting to register an additional authenticator could be an imposter. Although NIST recommends that a notification of the event should be sent to the user via an out-of-band method (for example, a registered email account), this may not be sufficient, by itself, to detect account compromise. Therefore, additional measures should be taken to add assurance that the user is whom they claim to be. This can be accomplished if the second factor is already bound to that user (for example, a GC-managed smartphone issued to the user is to be used as the second factor). If the second authenticator has not been previously bound to the user, then other methods should be employed. For example, verification of a one-time passcode sent or provided to the right user via a reliable out-of-band means can be used to establish additional confidence that the user involved in the registration is whom they claim to be. The out-of-band mechanism should be time-bound (for example, expires in 10 business days).

2.4.2 Authenticator recovery

Appropriate authenticator recovery mechanisms must be in place to re-establish user access in the event that an existing authenticator is lost, stolen or damaged. Recovery methods will vary depending on the type of authenticator, but in all cases, they must be at least as strong and secure as the method(s) used to establish the original authenticator binding. Section 6.1.2.3 of the NIST SP 800-63B provides additional guidance related to authenticator recovery. Furthermore, users need to be informed of their responsibilities such as immediately reporting lost or stolen authenticators (see Section 6.2 of NIST SP 800-63B for additional information).

Note that there are other authenticator life-cycle management considerations that need to be taken into consideration as well, including renewal (Section 6.1.4 of NIST SP 800-63B), suspension (Section 6.2 of NIST SP 800-63B), expiration (Section 6.3 of NIST SP 800-63B), and revocation (Section 6.4 of NIST SP 800-63B).

2.4.3 Reauthentication

Reauthentication is used to determine if the previously authenticated user is still present on a given session, either due to user inactivity or after a certain amount of time has passed. The NIST Digital Identity Guidelines (see Sections 4.1.3, 4.2.3, 4.3.3 and 7.2 of NIST SP 800-63B) describe reauthentication requirements at each AAL. Those requirements are adopted with additional clarification as follows:^{Footnote 40}

• LoA 2/AAL1: reauthentication is required at least once every 30 days regardless of user activity; RPs are free to determine their own user inactivity timeout requirements, if any
• LoA 3/AAL2: reauthentication is required at least once every 12 hours regardless of user activity; reauthentication is also required after 30 minutes of user inactivity (although the user may be prompted to see if they are still present before the inactivity threshold is reached^{Footnote 41}); reauthentication of a session that has not yet reached its time limit may require only a memorized secret or a biometric in conjunction with the still-valid session secret
• LoA 4/AAL3: reauthentication is required at least once every 12 hours regardless of user activity; reauthentication is also required after 15 minutes of user inactivity (although the user may be prompted to see if they are still present before the inactivity threshold is reached^{Footnote 42}); reauthentication requires MFA

If the user does not successfully reauthenticate within one minute of a reauthentication request, the session shall be terminated. If reauthentication is successful, both the session and user inactivity timeout thresholds should be reset.

Note that NIST points out (see NIST SP 800:63 Digital Identity Guidelines – Frequently Asked Questions) that there may be other means of ensuring that the user’s device is not used by an unauthorized party, such as locking the user device at the operating system level and requiring local authentication for the user to unlock the device. However, it is not always possible for a RP to know the state of the user’s device, and, in these cases, the session timeouts act as a reasonable control. However, if the RP knows that the user is using a managed system that requires screen lock by a system policy, the RP may be able to relax its session timeouts for such devices. Alternatively, an RP could manage most of the user’s interactions at a lower AAL and switch to a higher AAL for sensitive operations. In these cases, the lesser-privileged session would be allowed to last much longer than the privilege escalation. Adopting compensating controls such as these are part of the risk assessment process.

[Note: While Section 7.2.1 of NIST SP 800-63B discusses the requirement for an RP to convey the maximum authentication age to an IdP/CSP in a federated scenario, it does not discuss the possibility of forcing reauthentication, which is supported by both the Security Assertion Markup Language (SAML) and OpenID Connect federation protocols. This can be used by RPs to force reauthentication regardless of the status of the authenticated session between the user and the Identity Provider (IdP). Fortunately, the draft Revision 4 of the NIST Digital Identity Guidelines has added the notion of forced authentication in Section 5.6 in SP-800-63C-4.]

2.4.4 Step-up authentication

Step-up authentication, which should not be confused with reauthentication, as described in the previous subsection, is when there is a requirement to elevate the LoA of a given authenticated session (for example, the user is authenticated at LoA 2 and requests access to a resource that requires LoA 3 authentication). RPs should be capable of prompting the user (or redirecting the user to an IdP in a federated environment) to authenticate at the higher level of assurance to support step-up authentication when needed.

2.4.5 Centralized authentication

As noted in Multi-Factor Authentication Considerations and Strategy for GC Enterprise IT Services, a centralized enterprise authentication solution with the ability to support multiple MFA methods based on open, industry-accepted standards is a critical component of the overall GC identity, credential and access management (ICAM) strategy. Authentication should be centralized to the maximum extent possible in order to remove the burden of supporting multiple authentication mechanisms from individual applications and services, provide support for single sign-on and enable federation. Centralized authentication also helps to more easily support continuous, risk-adaptive access control, as discussed in the next subsection.

2.4.6 Risk-adaptive access control

Risk-adaptive access control (or simply adaptive access control) is a dynamic access control model that uses multiple security metrics such as the strength of the user authentication method, the level of assurance of the session connection between the system and a user, the geolocation of the user, and other considerations in order to render informed access control decisions.^{Footnote 43}

While not meant to be an exhaustive representation, Figure 2.3 helps to illustrate the concept of a risk-adaptive access control model. As illustrated in the diagram, user authentication is only one of many considerations that are used as a basis for access control decisions. For example, device attestation is an important complement to user authentication, as it provides a reliable and secure method to verify the identity and health of the device being used to access GC resources.

Furthermore, access control decisions should be dynamic and adapt to policy changes and real-time threat and risk assessment, as illustrated by the policy and telemetry inputs in Figure 2.3. This model forms the very foundation for supporting continuous, risk-adaptive access control in support of zero-trust principles.^{Footnote 44} It also provides the ability to support compensating measures so that weaknesses in one area can be complemented with other areas to help inform the overall access control decision.

Figure 2.3 - Text version

Conceptual illustration of a risk-adaptive access control model.

A box labelled “Risk-adaptive access control” appears in the centre of the figure. A number of possible inputs are at the box’s left and top, and the possible outputs are on the right side.

Inputs listed on the left side of the box, from top to bottom, are as follows:

• user authentication
• user role or attributes
• device authentication
• device attestation
• target resource
• date or time
• user geolocation

Inputs listed on the top side of the box, from left to right, are as follows:

• policy information
• threat information
• vulnerability information
• security information and event management
• visibility and analytics
• user and entity behaviour analysis

Outputs listed on the right side of the box, from top to bottom, are as follows:

• grant access
• grant restricted access
• deny access

2.4.7 Use of biometrics

As stated in the NIST Digital Identity Guidelines (see Section 5.2.3 of NIST SP 800-63B), “biometrics SHALL be used only as part of multi-factor authentication with a physical authenticator (something you have).” Therefore, biometrics can only be used as a second factor in conjunction with something the user has, such as a multi-factor cryptographic hardware authenticator with an embedded sensor such as a fingerprint scanner. However, when using biometrics as a second factor, certain requirements need to be met, including false match rate and presentation attack detection (PAD) technologies (for example, liveness detection).

It should also be noted that some biometric technologies are designed with user convenience in mind rather than security and, therefore, may not be adequate depending on the level of assurance required. Therefore, caution must be exercised when using biometrics as an authentication factor. See Section 5.2.3 of NIST SP 800-63B for additional information.

2.4.8 Bring your own authenticator

As noted previously in Section 2.2, all devices used to access GC internal resources should be managed by the GC. This includes mobile devices such as smartphones. However, it is recognized that some departments may have no choice but to implement MFA using personal devices, particularly for contractors. While this does add a measure of additional security over a single-factor solution based solely on a userid and password, the fact that the mobile device is unmanaged makes it more susceptible to compromise than a GC-managed device. However, mobile device management, unified endpoint management (UEM) or mobile application management could potentially be used to manage corporate data and applications on personally owned mobile devices, which would significantly reduce the risk as compared to an unmanaged device. When used in conjunction with a GC-managed computer platform, this could possibly raise the level of assurance from LoA 2 to LoA 3, assuming the appropriate security measures and best practices are in place (for example, separation between the work space and personal space is maintained at all times, rooted and compromised devices are detected, and so on). See End User Device Security for Bring-Your-Own-Device (BYOD) Deployment Models: ITSM.70.003 for additional information.

In any case, the strongest possible methods of authentication should be used. For example, the use of text messages (that is, SMS) is strongly discouraged in favour of more secure mechanisms such as a push notification with number matching or an OTP application. Use of phishing-resistant authenticators such as FIDO2 device-bound passkeys stored on the user’s mobile device or a user-owned FIDO2 security key (either of which could be used to authenticate via WebAuthn on a GC-managed computer platform) may also be an option. If this approach is adopted, attestation must be used to verify that the authenticator meets the minimum requirements associated with accessing the target resource. Also note that the use of a personal device as an authenticator must not unintentionally introduce the possibility that internal GC resources can be accessed with that device. More specifically, bring-your-own authenticators (BYOAs) are expected to be used in combination with a GC-managed computer platform.

The specific use cases and the need for any additional risk mitigation measures should be carefully considered before adopting any BYOA approach. In addition, privacy considerations must also be assessed.

B-3.1 Passkeys (synced and device-bound)

The meaning of the term passkey has evolved over the last few years. Certain vendors introduced the term as a synonym for multi-device credentials that can be backed up and copied to multiple devices. However, the term passkey actually applies to both multi-device and single-device credentials (see FIDO Alliance: Passkeys). In other words, passkey is a generic term for FIDO discoverable credentials that can be multi-device (copyable) or single-device (not copyable). More recent documentation uses the terms synced passkeys and device-bound passkeys (for example, see FIDO Deploying Passkeys in the Enterprise: Introduction).

Syncing passkeys is an approach where the private keys used to authenticate a user can be backed up and synchronized (copied) to more than one device, thus eliminating (or reducing) the need to register multiple credentials with the same online web service. Synced passkeys also seamlessly support credential synchronization to new devices. This improves the user experience with respect to authenticator recovery (see Recovery section below) as well as providing seamless authentication for users who use multiple devices to access the same web services. However, there are trade-offs with respect to user convenience and the potential security concerns that synced passkeys may introduce.

The US National Institute of Standards and Technology (NIST) recently published new interim guidance on “synced authenticators” (or synced passkeys). The interim guidance identifies security requirements that must be met so that they can potentially be used at LoA 3/AAL2. This could very well be a game-changer in terms of improving the user experience without sacrificing security. However, note that there are some products that support only device-bound passkeys in order to meet higher assurance requirements (for example, the Yubikey 5 Series FIDO2 implementation).

Additional information regarding the trade-offs between synced passkeys and device-bound passkeys is provided in the FIDO Alliance white papers FIDO Authentication for Moderate Assurance Use Cases and High Assurance Enterprise FIDO Authentication.

B-3.2 Credential storage modality

There seems to be contradictory (or misleading) information posted on various websites regarding where the private keys used for user authentication are stored. For example, the FIDO Alliance website itself (see FIDO Authentication) actually states, “FIDO2 cryptographic login credentials are unique across every website, never leave the user’s device and are never stored on a server.” However, it is clear from reading the FIDO2 specs (which are, by definition, the authoritative source) that the private signing keys used for authentication can be stored on the device or on the server (in encrypted form). Specifically, see Section 6.2 Authenticator Taxonomy and Section 6.2.2 Credential Storage Modality of the WebAuthn spec and related definitions of client-side discoverable credentials and service-side credentials.^{Footnote 62} Although U2F may not be considered part of “FIDO2,” see also Section 7 of the FIDO Alliance Universal 2nd Factor (U2F) Overview and Section 4.3 of the FIDO Alliance U2F Raw Message Formats spec (for example, “U2F tokens may wrap the generated private key and the application id it was generated for, and output that as the key handle”).

Although it is recognized that specific products may only support discoverable credentials and/or specific solutions such as passwordless authentication may actually require discoverable credentials, blanket statements such as “the private key never leaves the device” are not entirely accurate when referring to the FIDO Alliance specifications and the W3C WebAuthn recommendation. This is also a misnomer in terms of synced passkeys (see below for more information).

The primary benefit of storing the private keys on the server side is to minimize the amount of memory required on the device, thereby reducing the cost of the authenticator and, in theory, support an unlimited number of key pairs. However, the protection of the private keys when stored on the server may be a concern and will depend on the correct implementation of an approved encryption algorithm and associated key lengths used to protect the private keys. For example, Yubico uses AES-256 in CCM mode (for U2F, see Key generation). Furthermore, the number of passkeys that can be stored on FIDO2 security keys has been increasing. For example, the Yubikey 5 FIDO2 implementation has gone from supporting only 25 device-bound passkeys to 100. In addition, Google has recently launched new Titan Security Keys that can store more than 250 passkeys (see The latest Titan Security Key is in the Google Store).

Also note that the current industry trend appears to be heading towards passkeys which are, by definition, discoverable credentials and therefore cannot be stored on the server (refer to Table B22 for additional context). Nonetheless, server-side credential storage modality should not be dismissed altogether, as there are products available that do implement it.

B-3.3 Recovery

As with any authentication method, recovery options for FIDO-compliant authenticators need to be available in the event that the primary authenticator is lost, stolen or damaged. According to the FIDO Alliance (see Recommended Account Recovery Practices for FIDO Relying Parties), it is recommended that each user should have at least two FIDO compliant authenticators – one of which would be used as a backup in case anything happens to the other primary authenticator. However, this approach may not be suitable for the GC as it will result in increased costs (due to the need for each user to have multiple authenticators), may result in a poor user experience, and will require users to securely store the backup authenticator(s). Therefore, other recovery methods should be explored (for example, implementation of a centralized authentication approach might support other suitable approaches). Synced passkeys (as discussed above) or high assurance hybrid flows may also provide alternatives.

B-3.4 Enterprise attestation

The original FIDO Alliance specs were designed for a mass consumer market, namely, for users accessing online services on the Internet. While that continues to be a major focus, recent additions to the WebAuthn recommendation and CTAP specification introduce the notion of “enterprise attestation (EA)” in order to render FIDO authenticators more suitable for an enterprise domain. However, how EA actually works in implementation practice requires further investigation.

At the time of this writing, synced passkeys do not implement attestation.^{Footnote 63} This is due to the fact that the current CTAP 2.1 specification and WebAuthn Level 2 recommendation only support attestation during the registration process, so there is no way to assert a new attestation statement when authenticating from another device with a synced passkey. However, support for this new capability is expected to be added to the CTAP 2.2 specification and WebAuthn Level 3 recommendation. What this will mean in implementation practice, and what level of support will be provided by the vendor community, remains to be seen.

Also note that EA was introduced as part of FIDO2 and is not supported by U2F.

See FIDO TechNotes: The Truth About Attestation and FIDO Attestation White Paper for additional information regarding attestation. Additional details regarding EA are also available at Enterprise Attestation, and several white papers related to enterprise deployments are available at Learn how FIDO authentication fits into your enterprise environment.