Goodbye, passwords: Touch ID and Face ID could become a new way to authenticate access to accounts through Safari

Technology companies have struggled for years to abandon the conventional use of passwords created by users as a form of login. Even with improvements in account security through features such as two-step verification, this pattern is still susceptible to attacks including phishing.

To transform this reality, the W3C in partnership with aliana FIDO (formed by Google, Microsoft, PayPal, Samsung and others) announced that the standard WebAuthn reached the recommendation level (that is, when the code is understood as efficient and necessary for web security), already being implemented by Firefox and Google Chrome.

This new authentication standard is already used by some applications on iOS, however, the intention of its creators launched it as a method of replacing / complementing logins in general on the web.

The method can work in a way already known by many: through a biometric authentication method (finger or face), it is possible to access accounts and applications. For now, this form of authentication makes use of small hardware, such as Yubico, similar to a pendrive and responsible for generating a temporary access code without the use of characters (such as a token, making the process safer).

Brett McDowell, executive of FIDO, mentioned that the Apple team responsible for WebKit (which makes up Safari and other company applications) recently joined the WebAuthn working group, which certainly makes us think that such a feature could be implemented on Mac browser after all, iOS apps already use this authentication tool. If this really occurs, it would be possible to allow access to accounts from different sites using Touch ID or Face ID. Much simpler, right ?!

As mentioned, both Firefox and Chrome have implemented the new feature for now, in the beta and alpha versions, respectively; the finals are expected to go out to the general public soon.