Ledger Hardware Wallet Integrates U2F Authentication

Update: This article was based on Ledger's post on Medium.com, which insinuates that Ledger will integrate full FIDO features. We've been told that this is not true, however. Ledger says they will add U2F authentication, but not biometric. We apologize for the error.

The next generation of Ledger, a smartchip-based Bitcoin hardware wallet similar to Trezor, will be compatible with the authentication features of Fido Alliance – namely external dongles and fingerprint readers.

Ledger says they will employ Fido Alliance's Second Factor (U2F) and Passwordless (UAF) authentication types.

Of U2F authentication, a Ledger spokesperson tells Medium:

“[It] uses Elliptic Curve Cryptography (on Bitcoin neighbor curve secp256r1) to replace the typical OATH-TOTP validation by a cryptographic challenge performed by a hardware token [dongle]. It is designed to prevent against phishing [...] and protects user privacy by mandating a different key generation per website account.”

The UAF authentication, on the other hand, is where biometric (read: fingerprint readers) come into play. The Ledger spokesperson further explains:

“UAF recognizes the user (with a PIN, biometrics or other methods) and uses Public Key Cryptography (and natively supports the Bitcoin curve secp256k1) to authenticate with the remote service.”

These two types of authentications are following a wider push toward more secure and even passwordless logins to Web services in general. The public-key cryptography employed by Bitcoin has created an environment in which private keys – not emails, usernames, or passwords – may become the preferred method for online authentication.

Ledger has not announced an exact release date for their coming wallet iteration. Fido Alliance will make a presentation in London in fall 2015 on their biometric standards and applications.

Follow us on Facebook