How the standards we build against have evolved.
Authentication, identity, and trust standards do not arrive fully-formed — they accumulate over decades, shaped by deployment lessons, threat-model shifts, and ecosystem turning points. These timelines trace each family of standards we work with, year by year.
FIDO
A chronological timeline of FIDO standards evolution, from FIDO 1.0 / U2F through CTAP, FIDO2, WebAuthn, and modern multi-device passkeys.
PIV
A chronological timeline of PIV standards evolution — FIPS 201, SP 800-73, derived PIV credentials, and the modern multi-form-factor PIV deployment.
ePassport
A chronological timeline of ePassport standards evolution: ICAO 9303, BAC, PACE, SAC, EAC, multi-application travel documents.
OTP and SMS authentication
A chronological timeline of one-time-password authentication standards: S/Key, RSA SecurID, HOTP, TOTP, SMS OTP, and the FIDO-driven phishing-resistance pivot.
Smart-card
A chronological timeline of smart-card standards and platform evolution: ISO 7816, JavaCard, GlobalPlatform, DESFire, multi-applet smart cards.
WebAuthn and passkey
A chronological timeline of WebAuthn and passkey evolution — W3C standardisation, browser support, and the platform shift to synced passkeys.
Secure-element
A chronological timeline of secure-element evolution — from SIM cards through embedded SEs, TPMs, eUICCs, and IoT trust chips.
Have a standards-evolution question?
Our engineers track these specifications because we ship against them. If you need to know where a protocol is going before you commit, talk to us.