Term | Description |
---|---|
Assertion | Verification of a signature against an existing credential |
Attestation | Creation and declaration of a new credential |
Authenticator | The device through which authentication occurs, typically a Platform authenticator (mobile device) or external security key |
Authorization gesture | A physical interaction with an authenticator, for example touch of a finger, or scan of a face. |
Base64URL | Modification of the main Base64 standard supporting use in URL addresses.
Biometric | A physical characteristic such as fingerprint or facial appearance |
CBOR | Concise Binary Object Representation. |
Challenge | Random set of bits used to prevent replay attacks. |
COSE | CBOR Object Signing and Encryption. Find a list of numeric identifiers (such as -7, -257, etc.) and algorithms here.
CTAP | Client to Authenticator Protocol |
Credential | Contains a challenge, public key, and metadata about the credential.
Private key | Matches the corresponding public key
Public key | Matches the corresponding private key
Relying Party | A website offering Web Authentication integration |
Replay attack | Also known as playback attack. A form of network attack in which data transmission is maliciously or fraudulently repeated or delayed. This is the reason challenges are required in Web Authentication. |
Transports | The method through which credentials are transported from the authenticator, such as platform (built-in device), usb, ble (Bluetooth) and nfc
Uint8Array | A JavaScript object representation
UV | User verification - an action such as providing a fingerprint or looking into a camera for facial recognition |

Also see the official spec for some additional terms & definitions.