A beta version of the latest Chrome browser for macOS and Android points to the rise of FIDO2-based biometric authentication on the web.
The new Chrome 70 feature allows websites to access a fingerprint sensor on their device, and, as 9to5Google reports, this is enabled by default in the Web Authentication API. Websites that take advantage of the feature can use fingerprint scanning for two-factor authentication.
It appears to be the result of the FIDO Alliance’s launch of its FIDO2 authentication standard this past spring, a core component of which is the enabling of biometric- or security key-based authentication through a web app. The idea was to improve authentication security on web browsers, and Google was among the first of the major browser providers to commit to supporting the standard via Chrome. That support now appears to have arrived with respect to fingerprint recognition, though Google is a little behind Microsoft, which announced that a build of its Edge browser supported biometric web authentication at the start of August.
In Chrome 70, support for fingerprint-based web authentication arrives alongside a few other, more subtle security features including a system that will exit fullscreen mode when dialog boxes appear and a “Web Bluetooth” system that lets websites securely communicate with paired devices. Google has also frozen the Android and iOS build number to better protect user privacy.
September 14, 2018 – by Alex Perala