Groups keyboard shortcuts have been updated
Dismiss
See shortcuts

FIDO authenticator not working on Android platform

190 views
Skip to first unread message

Ankur Paul

unread,
Jul 11, 2024, 8:56:20 AM7/11/24
to FIDO Dev (fido-dev)
Hi, i have two FIDO authenticators now, one that is from Thetis and one is a smartcard that has a FIDO applet loaded that we are developing.

Interestingly, I find, the thetis authenticator works well with registraion/authentication workflows on all platforms like iOS/Android on the NFC transport medium, but on the contrast the applet which we are developing works well on the NFC medium on iOS (pretty well for reg/authentication on platforms), and on windows (using a usb smart card reader example: from Identiv). Our applet totally fails to complete the process when on Android, can someone suggest how shall we diagnose this issue? or any known issues like this anyone has faced and share their solution.

Btw, we are developing a smartcard based formfactor with the FIDO applet. It complied to ISO 7816-4/14443 standards.

Adam Langley

unread,
Jul 13, 2024, 8:29:32 PM7/13/24
to FIDO Dev (fido-dev), Ankur Paul
On Thursday, July 11, 2024 at 5:56:20 AM UTC-7 Ankur Paul wrote:
Hi, i have two FIDO authenticators now, one that is from Thetis and one is a smartcard that has a FIDO applet loaded that we are developing.

Interestingly, I find, the thetis authenticator works well with registraion/authentication workflows on all platforms like iOS/Android on the NFC transport medium, but on the contrast the applet which we are developing works well on the NFC medium on iOS (pretty well for reg/authentication on platforms), and on windows (using a usb smart card reader example: from Identiv). Our applet totally fails to complete the process when on Android, can someone suggest how shall we diagnose this issue? or any known issues like this anyone has faced and share their solution.

Does Android support smartcard-based security keys at all? I'm not sure that it does, which would explain the failures that you're observing.


Cheers

AGL

DUBOUCHER Thomas

unread,
Jul 15, 2024, 11:46:50 AM7/15/24
to Adam Langley, FIDO Dev (fido-dev), Ankur Paul

THALES GROUP LIMITED DISTRIBUTION to email recipients

 

Android still doesn’t support NFC for FIDO2 devices, but it does support it for U2F devices.

 

If both your RP and your security key supports U2F, you may get mistaken because Android will downgrade the registration to U2F.

 

If the RP doesn’t support U2F, Android will not ask for NFC security key.

 

If your security key doesn’t support U2F, it may cause this error when trying to register your security key.

 

Best regards,

 

 

 

 

Thomas Duboucher

Embedded Security Specialist

Digital Identity and Security

Thales

 

--
You received this message because you are subscribed to the Google Groups "FIDO Dev (fido-dev)" group.
To unsubscribe from this group and stop receiving emails from it, send an email to fido-dev+u...@fidoalliance.org.
To view this discussion on the web visit https://groups.google.com/a/fidoalliance.org/d/msgid/fido-dev/29701299-ed17-4869-97de-e5b15b70c330n%40fidoalliance.org.

Ujjwal Roy

unread,
Jul 16, 2024, 3:05:35 AM7/16/24
to FIDO Dev (fido-dev), DUBOUCHER Thomas, Ankur Paul, Adam Langley
Thetis Token supporting FIDO 2.1 is working with android device with NFC interface.

May be platform/browser behavior need to be analyzed, what type of command it is sending U2F/FIDO?
Message has been deleted

Eka Intan

unread,
Jul 25, 2024, 11:03:08 AM7/25/24
to FIDO Dev (fido-dev), Ujjwal Roy, DUBOUCHER Thomas, Ankur Paul, Adam Langley
Reply all
Reply to author
Forward
0 new messages