Passwords comprising of letters, numbers, and symbols are notoriously easy to crack for hackers by using certain algorithms, leading to a long debate in the tech industry about the development and implementation of a more secure authentication tool for web services, such as fingerprint and 3D face scans. It now appears that the efforts of developers have reaped rewards in the form of a new web standard that brings support for authentication measures like Touch ID and Face ID for a wide array of web services.
The FIDO Alliance and W3C have developed a new web standard called WebAuthn which allows users to log into supported web services by using the connected or inbuilt scanning tool on their device like a fingerprint scanner or a camera to submit their biometric credentials.
API enabling creation and use of strong, attested, scoped, public key-based credentials by web applications, for the purpose of strongly authenticating users. Conceptually, one or more public key credentials, each scoped to a given Relying Party, are created and stored on an authenticator by the user agent in conjunction with the web application.
The new web authentication method has been implemented on Mozilla Firefox and Opera has already committed to employing the technology in its browser, while Microsoft Edge and Google Chrome are expected to get support for the new web authentication standard in the next few months. The new security-focused web-functionality can be implemented to accept only biometric information as a sign-in credential, or can also be adjusted to make the biometric information be used as an additional layer of security alongside passwords.
However, the new web authentication standard’s arrival does not mean that users can altogether ditch text-based passwords just now, as it also depends on web services adopting fingerprint scan and 3D face map as a substitute for the conventional passwords to access their services