You can now log in without a password using digital, internet banking and other mobile applications; this technology is also spreading on the web. Through Chrome for Android, O Google allows you to log in to your services using the fingerprint sensor or the cell phone unlock pattern. The company adopted the FIDO2 and WebAuthn standards that can also be found in other browsers.
The feature will be available “in the coming days” when visiting certain Google services on any device running Android 7.0 Nougat or higher. If your phone or tablet does not have a fingerprint reader, you can use the system unlock pattern, PIN or password.
To test this functionality, follow the steps below:
- on Chrome for Android, visit the website passwords.google.com;
- choose a website to view or manage a saved password;
- follow the instructions to confirm that you are trying to sign in.
This is just the beginning: Google plans to use this form of authentication in more services, considering that “new security technologies are surpassing passwords in terms of protection and convenience”.
Google does not send fingerprint to the cloud
The company recalls that its fingerprint is never transmitted to Google’s servers. This is a fundamental part of any website that uses the FIDO2 standard: the device only sends a cryptographic proof that you have used biometrics; your fingerprint remains locally stored on the device.
In technical terms, Google uses the FIDO2 module built into Android 7 and above to register a FIDO credential linked to the device. Then, a compatible website – such as passwords.google.com – uses the WebAuthn standard to request the number that identifies that credential. Chrome (or another browser) asks the system’s FIDO2 module for this information via an API. If all goes well, the result will be a valid FIDO2 subscription, and login will be authorized.
Google explains that, with FIDO2, the same credential can be used by an app installed on the phone and its equivalent on the web: “this means that the user only needs to register the fingerprint with the service once; it will work for the native app and the web service. ”
This technology is also used to login without a password to the Microsoft account: the Edge browser for Windows 10 supports authentication via Windows Hello, via a fingerprint reader or facial recognition camera.
With information: Google.