Apple is bringing Face ID and Touch ID to the web with Safari 14
Apple's Face ID and Touch ID have made it easier for users to log into their mobile devices like iPhones and iPads and on some Macs offering the Touch ID button. Now Apple is bringing Face ID and Touch ID to the web. At the company's virtual Worldwide Developers Conference this week, Apple introduced a way for web developers to add support for Face ID and Touch ID to their websites, allowing Safari users to log in without having to enter their username and password.
In a WWDC session aimed at web developers, the company showed off the new functionality which Apple touted would provide a frictionless experience" for users.
Similar to how Face ID and Touch ID work today in iOS apps, web developers who choose to implement the new technology could prompt their users to choose a biometric authentication method the next time they visit their website.
Great news! Apple expands support for #FIDO Authentication with Safari 14 (MacOS/iOS)! Websites can use Touch ID / Face ID for secure and frictionless web logins via #WebAuthn API. Great video on how websites can get started: https://t.co/NZ92tEhFaL
- The FIDO Alliance (@FIDOAlliance) June 24, 2020
The technology was built via the Web Authentication (WebAuthn) API which allows developers to build authentication via the FIDO2 specification, developed by the FIDO Alliance. It will be made available starting with Safari 14 for macOS and iOS, the organization said.
As CNET explains, Apple isn't the first to use the browser technology - it's already available in Firefox, Chrome and Microsoft Edge, for example.
Apple's adoption, however, could push forward the larger biometrics movement. This in part, is due to Apple's way of making complicated technology consumer-friendly and taking on the work of user education. Apple also has a sizable community of developers who get excited to roll out Apple's latest technology.
The new system will be, by default, multi-factor in nature.
Apple's platform authenticator uses the secure enclave of the iPhone or iPad to provide the private keys, and guarantees they can't leave the device. It also verifies the user by either their fingerprint or facial recognition. That makes it multi-factor, as it combines something you have - the iPhone - with something you are - your biometrics information.
A report by Biometric Update also noted the WWDC session revealed Apple built its own attestation service, which is an optional service for those with higher security needs - like a bank. Because this technology can sometimes be used to violate privacy, Apple built its own version where it generates a unique attestation certificate for each credential. This prevents websites from tracking users across the web. This service isn't immediately available, but will be soon.
Apple joined the FiDO Alliance earlier this year, signaling its intention to work towards a way to replace passwords with trusted devices and biometrics. It has also patented a way to use Face ID on a Mac, but this hasn't launched.