The Android Fast Identity Online Universal 2nd Factor (FIDO U2F) API allows you to add strong physical second factor (U2F) authentication to your Android apps. The API supports NFC, USB, and BLE U2F devices. Details of the U2F protocol can be found at the FIDO Alliance.
The FIDO2 API is also being developed in accordance with the WebAuthn standard. It currently supports registration and authentication of credentials that reside on the mobile device itself or on external FIDO U2F authenticators. Details of the WebAuthn protocol can be found here
The API consists of two operations:
- Registration is done once per U2F device per account, when the user associates a new U2F device with their account.
- Signing is done whenever the registering party wants to authenticate a user.
Both registration and signing operations cause UI to be drawn.
A sample application demonstrating API usage can be found at https://github.com/googlesamples/android-fido.
The FIDO2 API can be integrated into your Android app in a similar
fashion, using the corresponding methods on