WC3's Web Authentication API or WebAuthn: Chrome and Firefox will soon support a new Web Authentication API, which will provide greater protection to phishing attacks and will reduce the use of passwords.
WC3's Web Authentication API or WebAuthn promises a simpler and more secure way enrollments on a page.
Instead of using the classic name with a password, the user will be able to enter a fingerprint, his retina or some other biometric data stored on his smartphone.
The system it will use an encrypted public key and ensure that each service a user subscribes to has its own key pairs, thus addressing the problem of reusing the same password.
With this API, one could visit a service page from his computer, tap the signup button, and then receive a notification on his smartphone asking him to sign up.
The person concerned should enter the authorization mode, which could be a PIN or a fingerprint that he will use in the future to log in to his account.
As Duo Security's Nick Steele recently reported, WebAuthn is based on the older FIDO Alliance standard, called UAF or Universal Authentication Factor, but has many technical advantages.
So expect to see the new feature in Chrome and Firefox as mentioned above, but also in Microsoft's Edge trying to compete with the two major browsers.
Please note that although Apple's Safari Browser does not currently support WebAuthn, the Web Authentication Working Group has many developers of the company.
- FlightGear 2018.1 final: Download before the official announcement
- Illegal purchases with bitcoin? Transactions stay forever online
- Privacy; Yeah right. Digital Shadows: leakage of 12 petabyte data