WC3's Web Authentication API or WebAuthn: Chrome, et al Firefox will soon support a new Web Authentication API, which will provide greater protection into a attacks phishing and will reduce the use of passwords.
The Web Authentication API of WC3 or WebAuthn promises a simpler and safer way to sign up on a page.
Instead of using the classic username with a code access, the user will be able to register a fingerprint, retina or other biometric data stored on their smartphone.
The system will use an encrypted public key and ensure that each service that a user enters has its own key pairs, thus addressing the problem of reusing the same password.
With this API, one could visit a service page from his computer, tap the signup button, and then receive a notification on his smartphone asking him to sign up.
The person concerned should enter the authorization mode, which could be a PIN or a fingerprint that he will use in the future to log in to his account.
As recently reported by Nick Steele of Duo Security, WebAuthn is based on the oldest FIDO Alliance standard, called the UAF or Universal Authentication Factor, but it has many technical advantages.
So expect to see the new feature in Chrome and Firefox as mentioned above, but also in Microsoft's Edge trying to compete with the two major browsers.
Please note that although Apple's Safari Browser does not currently support WebAuthn, the Web Authentication Working Group has many developers of the company.
- FlightGear 2018.1 final: Download before the official announcement
- Illegal purchases with bitcoin? Transactions stay forever online
- Privacy; Yeah right. Digital Shadows: leakage of 12 petabyte data