PayPal and Google's FIDO Outlines Post-password Standards

The FIDO (Fast IDentity Online) Alliance, backed by the likes of PayPal, Google and Mastercard, has outlined two specifications for the future of passwordless online security.

The first Passwordless UX standard (called UAF) enables online service providers to choose from a range of different authentication mechanisms, including fingerprint, facial recognition, voice and PIN, or a combination of these.

Once a user is set up for a certain service using one of the above standards, they no longer need a password. Along with security issues, this could solve problems relating to the difficulty of entering passwords on mobile, or with users simply forgetting them.

The second, built for web browser-based services (U2F), asks for dual authentication by getting the user to attach a dongle or tap an NFC device to prove they are the right person.

FIDO was set up to provide ease of use, privacy and security, and standardisation for online security. The Alliance says it hopes to ignite a thriving ecosystem of client authentication methods such as biometrics, PINs and second factors that can be used with a variety of online services in an interoperable manner.

The full documentation can be found here and is still being refined by the organisation.
