Chrome, Firefox and Edge will support the Web Authn standard
Support for the new Web Authn standard will be possible to log in without any password but with the ” USB security key ” ie the fingerprint reader and with cameras. Goodbye to passwords. Here’s how it will work.
Web security has always been, and especially in recent years, one of the main factors of study by software companies as well as a major concern of users who daily surf the pages of the sites. In this case, the old passwords seem to be the only valid alternatives to keep the sensitive data of the users still safe. Well, even passwords may be ready to retire with the announcement of the announced Web Authn or Web Authentication that will simplify the authentication process allowing greater security on the web and making even forget the much loved (or hate) password.
What is specifically Web Authn?
The new authentication protocol system was introduced by Fido Alliance and the World Wide Web Consortium (W3C) and is a real system capable of creating unique encrypted credentials for each site, allowing access to every online service from the browser through the various Fido2 authentication systems such as fingerprints, face recognition but also USB dongle or other.
Clearly Web Authn defines new API that can be exploited and integrated in browsers and web services allowing, as mentioned, the login through the different solutions already on the market and clearly alternatives to the classic passwords. It will clearly change the user’s ways to be recognized for logging in from a particular website. Here instead of inserting the classic ” user name ” and the ” password ” with the new authentication system just put your finger on the fingerprint reader of the smartphone or a mobile player, maybe be framed by a webcam prepared for that system or even other ” password-free ” authentication methods.
In this case, the Fido2 protocol no longer uses passwords but two separate keys that are in some way dependent on each other and which turn out to be a private one and a public one. The second can clearly be given to anyone, perhaps in a specific public place or within a company. However, this will not allow access except with the private key. The first private key will turn out to be temporary and stored in an object called token that may be the classic key that many credit institutions already give to customers or even new-generation ones like biometric sensors or something else.
Firefox, Chrome and Edge ready to use it
Here is that Fido2 is ready to be used properly on the most famous web browsers on the world scene. Google Chrome as well as Mozilla’s Firefox and Microsoft’s Edge have already actively promised to add support to the new Web Authn in a short time. Indeed in some ways Mozilla’s Firefox is already compatible with the standard so that the services related to the company’s browser can already take advantage of the new system.
For those who wonder instead what will happen in Apple devices like iPhone, iPad or Mac the answer is still unresolved. The Cupertino company is part of the W3C consortium but at the moment is not yet making the Safari APIs compatible with the new Web Authn and it is not yet possible to use it in that system.