From
this article:
Quote:
“We’ve chosen to use the UAF specification since it’s easy for our customers to use (often leveraging biometric information), acts as a full password replacement, and increases security and privacy,” wrote Andy Steingruebl, PayPal’s Director of Ecosystem Security. The company deployed an early UAF version for Samsung’s smartphones that include a fingerprint reader.
I don't think I'm understanding how UAF works. UAF seems more targeted at smartphones and tablets with built-in biometrics, right? If so, UAF is great, but what about logging in from my laptop? U2F seems like the right solution for browsers on desktops and laptops. But then again, I'm kinda confused about UAF in general. Could a UAF implementation be "backed" by software which uses a password and a U2F token?
How is UAF supposed to work, anyway? Is the fact that PayPal is going with UAF mean that I will never be able to use my U2F token to authenticate with PayPal?
Login
FAQ
Search
