Web Authentication API of WC3 or WebAuthn: Chrome, and Firefox will soon support a new Web Authentication API, which will provide greater protection against phishing attacks and reduce password usage.
WC3's Web Authentication API or WebAuthn promises a simpler and more secure way enrollments on a page.
Instead of using the classic username with a password, the user will be able to register a fingerprint, their retina or some other biometric data stored in the smartphone of.
The system it will use an encrypted public key and ensure that each service a user subscribes to has its own key pairs, thus addressing the problem of reusing the same password.
With this API, one could visit a service page from his computer, tap the signup button, and then receive a notification on his smartphone asking him to sign up.
The person concerned should enter the authorization mode, which could be a PIN or a fingerprint that he will use in the future to log in to his account.
As recently reported by Nick Steele of Duo Security, WebAuthn is based on the oldest FIDO Alliance standard, called the UAF or Universal Authentication Factor, but it has many technical advantages.
So expect to see the new feature in Chrome and Firefox as mentioned above, but also in Microsoft's Edge trying to compete with the two major browsers.
To mention that although the browser Safari Apple does not currently support WebAuthn, the Web Authentication Working Group has many developers of the company.
- FlightGear 2018.1 final: Download before the official announcement
- Illegal purchases with bitcoin? Transactions stay forever online
- Privacy; Yeah right. Digital Shadows: leakage of 12 petabyte data