Ledger Hardware Wallet Integrates U2F Authentication

Update: This article was based on Ledger’s post on Medium.com, which insinuates that Ledger will integrate full FIDO features. We’ve been told that this is not true, however. Ledger says they will add U2F authentication, but not biometric. We apologize for the error.

The next generation of Ledger, a smartchip-based Bitcoin hardware wallet similar to Trezor, will be compatible with the authentication features of Fido Alliance – namely external dongles and fingerprint readers.

Ledger says they will employ Fido Alliance‘s Second Factor (U2F) and Passwordless (UAF) authentication types.

Of U2F authentication, a Ledger spokesperson tells Medium:

“[It] uses Elliptic Curve Cryptography (on Bitcoin neighbor curve secp256r1) to replace the typical OATH-TOTP validation by a cryptographic challenge performed by a hardware token [dongle]. It is designed to prevent against phishing […] and protects user privacy by mandating a different key generation per website account.”

The UAF authentication, on the other hand, is where biometric (read: fingerprint readers) come into play. The Ledger spokesperson further explains:

“UAF recognizes the user (with a PIN, biometrics or other methods) and uses Public Key Cryptography (and natively supports

Read more ... source: Cointelegraph