Google has introduced a new passkey feature for Android devices and Chrome to offer additional security to users. People will soon be able to use this option to authenticate their identity by using PINs or biometric authentication to log in to any website or app instead of using a password. Google is pitching this as a safer option for users than the traditional two-factor authentication method.
Back in May this year, tech giants such as Microsoft, Apple, and Google announced plans to offer a common passwordless sign-in option to users. This is called “Passkeys,” developed by the World Wide Web Consortium (W3C) and the FIDO Alliance. The search giant is now making it a reality.
Also Read : 5 upcoming WhatsApp features you should know about
However, the feature is currently only available for developers and Google is planning to offer passkeys feature to regular users later this year. The company is saying that one will be able to create and use passkeys on Android devices without worrying about syncing issues because it will be backed up to Google Password Manager. Backing up to a cloud service is important because when a user sets up a new Android device by transferring data from an older device, existing end-to-end encryption keys will securely get transferred to the new device, according to Google.
The developers can now enroll in the Google Play Services beta to test the new authentication standard for their Android apps. Web admins can also build passkey support on their sites for end-users using Chrome via the WebAuthn API, on Android and other supported platforms. In the coming weeks or months, Google will also release an API for native Android apps, which will allow mobile applications to use web passkeys to log in.
You will be able to easily create a passkey on your Android phone by simply choosing a Google account and then authenticating your identity using the registered fingerprint or face unlock to complete the process.
Also Read : UIDAI update: Follow THESE steps to change address on your Aadhaar card
Google says a “passkey is a cryptographic private key. In most cases, this private key lives only on the user’s own devices, such as laptops or mobile phones. When a passkey is created, only its corresponding public key is stored by the online service. During login, the service uses the public key to verify a signature from the private key. This can only come from one of the user’s devices. Additionally, the user is also required to unlock their device or credential store for this to happen, preventing sign-ins from e.g. a stolen phone.”
