Google services can now be verified using fingerprint authentication

Google services can now be verified using fingerprint authentication
HIGHLIGHTS

Google is now allowing Android devices to use fingerprints to sign into their Google accounts.

It works on the FIDO2 (Fast ID Online 2), W3C WebAuthn and FIDO CTAP standards.

These days, everything we do online requires a password, and it is recommended to use a different password for different accounts and websites. Unless you have an amazing memory or you use a password manager, it is very difficult to remember every password. Also, as the tech industry has been heading towards biometrics, passwords are no longer considered sufficient for security, and that is why Google is now allowing Android users to use their fingerprints to sign into their Google accounts.

While individual apps have long been able to use Android’s fingerprint authentication technology, this is the first time Google is allowing biometrics to verify user identities around the web. The new passwordless sign-in method is based on the FIDO2 (Fast ID Online 2), W3C WebAuthn and FIDO CTAP standards that have been developed to help reduce our dependence on passwords. However, this isn’t a new thing as Face ID Online has been pushing for the use of biometrics as a two-factor authentication element across all devices, including desktops, and platforms. 

According to Google, “an important benefit of using FIDO2 versus interacting with the native fingerprint APIs on Android is that these biometric capabilities are now, for the first time, available on the web, allowing the same credentials be used by both native apps and web services. This means that a user only has to register their fingerprint with a service once and then the fingerprint will work for both the native application and the web service.”

The new sign-in method for Google services uses a Bluetooth-based protocol to set up a device-specific security key. This key can later be used to set up a device-specific security key. It is also dependent on Chrome. Further, to enable this method, it is essential to have lock screen security enabled on the phone. However, it is still unclear which Google services can be used with this new sign-in method. 

The first devices to receive this password-free security method are the Pixel phones. It will, however, reach other Android phones that run on Android 7.0 Nougat or above. Additionally, Google says that all the authentication happens locally on the user’s device, hence, fingerprints are never sent to Google servers. 

Digit NewsDesk

Digit NewsDesk

Digit News Desk writes news stories across a range of topics. Getting you news updates on the latest in the world of tech. View Full Profile

Digit.in
Logo
Digit.in
Logo