Functional Adaptions of the FIDO UAF Specification
The Nevis Access App deviates from the UAF 1.1 specifications in regard to its functionality in certain limited parts. This chapter describes the differences as well as the consequences. It also mentions the reasons for choosing to deviate.
The FIDO UAF 1.1 Specifications states that the Android FacetID must be calculated by using SHA-1.
Nevis decided to implement and use SHA-256 for the hash calculation. This adaption has been done because:
- The usage of the deprecated SHA-1 is widely discouraged.
- The successor of the FIDO UAF 1.1 specification, FIDO UAF 1.2, already allows the use of both SHA-1 and SHA-256.
- This adaption has no influence on the Nevis Mobile Authentication Backend, which supports both SHA-1 and SHA-256 hashed FacetIDs.