Google had been working on TouchID and fingerprint capabilities to enable users on Chrome to login to account via Web Authentication, and developers to access biometric authenticators through the Credential Management API's PublicKeyCredential type.
Now, the feature dubbed, "Local user verification" is rolling out to users to allow them to log into both native/web applications by registering their fingerprint or any of the other available authentication method set up to unlock their device, such as pattern, pins or password.
While in the future, this three APIs: Face Detection API, Barcode Detection API and Text Detection API, will along with the Face Detection API allow users to return the location of faces and other facial attributes like nose and mouth for a more accurate result.
The feature relies on Web Authentication API and the Client to Authenticator Protocol (CTAP), which are designed to offer simpler and more secure authentication methods that websites can use for secure web-based logins, taking advantage of Android's inbuilt FIDO2 certified security key capability that was rolled out earlier to all devices running Android 7.0 Nougat and later.
Google has also added the functionality to its web based password manage: passwords.google.com, which provides an online platform where users can view and edit their saved passwords.
The new authentication feature will be more useful for people with extreme security practices, who often create strong and unique passwords for every website and thereby faced with the trouble of having to remember each for every transaction. Google plans to expand this functionality to more Google services, including Google Cloud in the near future.
No comments