WebAuthn becomes official hardware login standard for browsers like Apple's Safari
Roger Fingas
The World Wide Web Consortium and the FIDO Alliance have certified WebAuthn as an official Web standard, allowing users of compatible browsers — Safari among them — to turn to hardware logins instead of passwords.
The technology is already supported in developer's preview versions of Safari, as well as other major browsers including Chrome, Firefox, and Edge. Two operating systems, Android and Windows 10, have the technology built-in.
Sites that use WebAuthn support logins via biometrics, mobile devices, and USB security keys. This not only bypasses the need for passwords but keeps login data local, and thus protected from server hacks or interception. FIDO keys are also unique to each website, meaning they can't be used to follow a person.
Apple first added WebAuthn support to Safari in a December Technology Preview release. At the time the browser's implementation was limited strictly to USB, even though WebAuthn should also support Bluetooth and NFC.
One USB key maker, Yubico, has been working on a Lightning product for iPhones and iPads. It already has MFi certification from Apple, but the project is still in private testing among third-party developers.
William Gallagher
Wesley Hilliard
Andrew Orr
Amber Neely
