Google has announced that it is implementing account logins on Android and Chrome without the need for passwords, using only private keys or ‘passkeys’, based on facial and fingerprint recognition systems.
The company made its bid for the elimination of passwords known a few months ago, when it said it was paving the way for a system based on ‘passwords’ based on the proposals of the FIDO (Fast Identity Online) Alliance.
This alliance, to which some of the most important technology companies belong, seeks to create new secure standards for the management of digital services and plans to abandon traditional systems, such as passwords or two-factor authentication.
Thus, it proposes a system of private keys or ‘passkeys’ that are linked to users’ personal accounts and that can be synchronized between devices for use on websites through Google’s Password Manager.
Google has announced that this system is now available in Android and Chrome, which offer support for access keys and that they represent “a significantly more secure replacement for passwords and other fraudulent authentication factors”, as indicated in its blog for developers.
Access without Google passwords
This new passwordless login system will be coming to stable channels later this year. As the company has explained, to create an access key, the user must confirm the access account information (with associated username or email). Next, you have to use a biometric recognition system.
Thus, the owners of these accounts can choose between the fingerprint, opt for facial recognition or simply the screen unlock key of the terminal. Therefore, to log in, they will only need to indicate the user and add their private ‘passkey’.
In case they want to access a certain account from a computer, they can do it as long as they have their mobile phone nearby. That way, a user with an Android device can log in to their account from the Mac’s browser, Safari, just like an iPhone owner can log into Chrome with the password saved in iOS.
Therefore, when trying to access an account from the computer, the website will generate a QR code, which the user must scan with their mobile phone. Next, you will need to include your key (unlock PIN, fingerprint or facial recognition) to use your account on that website.
Consistent user experience
Google has stressed that since the access keys are based on industry standards, this system works across platforms and browsers in order to provide a consistent user experience. These include Windows, macOS, iOS, and ChromeOS.
Also, the manufacturer has indicated that developers can now create applications for Android or Chrome websites compatible with access keys through the WebAuthn API. To do this, they must sign up for the beta version of Google Play Services and use Chrome Canary.
Finally, he has said that he will continue working on new access formats without passwords and that from next year he will introduce new changes in Android.
It should be remembered that Apple also announced this summer that it would introduce a new authentication functionality on iPhone, iPad and Mac with which you could log in to compatible websites using TouchID or FaceID.
Then he said that Passkeys would arrive at the end of the year to these devices with a preview, within the iCloud keychain, intended for passwords and security on the brand’s equipment.
Click the link to subscribe for free to our news and media group on Telegram: https://t.me/G_ELSUMARIO_News