Breaking News

TechTips:Update Google Play Services to Enable Touch-ID Sign-Ins for Websites


Today, the FIDO Alliance and World Wide Web Consortium (WC3)
announced that the Android OS has received FIDO2 certification. This will enable Android users to use their fingerprint—rather than a password—to sign into websites and other services, and developers will now be able to add password-less authentication to their web apps and sign-in pages, as well as their native Android apps following an automated Google Play Services update.
While plenty of Android devices and apps have included fingerprint-based logins before, FIDO2 implementation is different, and its adoption on Android means we are likely inching closer to future where passwords are obsolete.

How to set up password-less web sign-ins on Android

Once FIDO2 support has rolled out to your device, you will only be able to use fingerprint ID to sign into websites that allow it—though more will likely begin implementing fingerprint sign-ins since roughly a billion new devices will soon support the feature. To use password-less sign-ins on these websites, you’ll need:
  1. A device running at least Android 7.0 or higher.
  2. The most recent Google Play Services update. These updates are usually done automatically, but you can double check by opening the app’s Google Play store page on your device to see if a new version is available.
  3. Next, you will need to set up your fingerprint profile on your Android device if you haven’t already.
  4. Once you have your fingerprint ID stored, you can now use your Android device’s fingerprint sensor to sign into websites and web-based apps when browsing in Chrome, Firefox, and Microsoft Edge (provided the website supports password-less authentication in the first place).

Is it secure?



Like any security measure, Fingerprint ID has risks, so doubling up with another method—password, pin number, face recognition, or riddle-peddling bridge troll—is best practice. However, the FIDO2 protocol is incredibly secure and adds an extra layer of protection by preventing users from using fingerprint-based web logins on unsecured web domains and websites with fishy (or phishy) URLs. FIDO2 can also keep you safe in the event of a security breach. Unlike a password system, which requires both the user and the app/service to know the password, FIDO2 only requires the user to input the correct authentication info.


No comments

'; (function() { var dsq = document.createElement('script'); dsq.type = 'text/javascript'; dsq.async = true; dsq.src = '//' + disqus_shortname + '.disqus.com/embed.js'; (document.getElementsByTagName('head')[0] || document.getElementsByTagName('body')[0]).appendChild(dsq); })();