Web Authentication is an open, standards-based technology - meaning it is not owned or controlled by any one company. It is instead implemented by many different parties, based on the core open specification. This includes implementation by companies and organisations such as Apple (iOS and Safari), Google (Android and Chrome) and Mozilla (Firefox).
Security
The user's device acts as an authenticator that generates a public key from a range of supported encryption algorithms. This is much more secure than a traditional password. Additionally, unlike a password, the private key never leaves the user's device, meaning the website does not store the credential required to authenticate an account. This means if a database was exposed, attackers would not be able to use the credentials in the database to gain unauthorised access. This means the technology is phishing-resistant.
Speed & simplicity
Users can authenticate in a fraction of the time compared with current password login.
Users are saved the hassle of constantly having to remember and type complex passwords.
Widely supported
Web Authentication has been tested and confirmed working in consumer devices including biometrics in Android devices, Touch ID and Face ID on iOS. This means the vast majority of your users now have access to this technology.
Mobile use is growing every day meaning the use of this will grow over time.
This website uses cookies and other data to deliver, maintain and improve our services and ads. We also have partners that measure how our services are used. Visit our Cookie Use page at any time to learn more.
