The World Wide Web Consortium (W3C), the world’s leading Internet standardization organization, and the FIDO Alliance (industry consortium for handling device-to-device authentication standards) have approved WebAuthn as a new standard of authentication and logins for the Internet.
WebAuthn, is a diminutive of “web authentication”. It is an API for interaction between the internet, browsers and biometric security devices. Through this technology, users can perform authentication on any type of site that requires a login and password. For instance, social networks, banks, email accounts, online stores, etc. They can do this by only providing their digital to the enabled device. This can be a device connected to the computer.
In addition to major web browsers, including Microsoft Edge, the latest operating systems already support WebAuthn. Another standard that works the same way as WebAuthn is FIDO2. Android has already been supporting it since version 7. It totals approximately one billion devices that already have the ability to access online services without the need to use passwords (provided they have a reader biometric).
WebAuthn, in addition to facilitating web service authentication, making the use of passwords (and the need to remember them) unnecessary, will also promote security as the system is immune to data leakage and phishing attacks.
In the future, we should see a flood of products coming to market compatible with the new technology. For instance, USB biometric authentication keys, as well as keyboards for PCs and notebooks with touchpads.