Safari Supports NFC, USB, and Lightning FIDO2-Compliant Security Keys in iOS 13.3

The iOS 13.3 update that is currently available to developers and public beta testers has a new Safari feature that supports NFC, USB, and Lightning FIDO2-compliant security keys.

This option was activated in the first beta of iOS 13.3, but in the second developer beta, Apple has added details about it in the release notes.

yubico1

Now supports NFC, USB, and Lightning FIDO2-compliant security keys in Safari, SFSafariViewController, and ASWebAuthenticationSession using the WebAuthn standard, on devices with the necessary hardware capabilities.

With the iOS 13.3 update, Safari will support physical security keys like the Lightning-equipped YubiKey, which can be used for more secure two-factor authentication.

Yubico announced the YubiKey 5Ci back in August, but at the time of launch, it was of limited usefulness because it did not work with Safari, Chrome, or other major browsers, though it was compatible with apps like 1Password.

With Safari support, the YubiKey 5Ci is a legitimately useful tool that can be more convenient than software-based two-factor authentication because there's no need to enter a security code -- you simply plug it in to an iPhone or Mac (there's also a USB-C connector) to authenticate. Support for FIDO2-compliant USB security keys using WebAuthn was previously added to Safari 13 in macOS.

Other NFC, USB, and Lightning-based security keys will also work with Safari following the iOS 13.3 update. There's no word yet on when iOS 13.3 will be released, but we may see it sometime in December after a few more weeks of beta testing.

Related Forum: iOS 13

Popular Stories

iphone se 4 modified flag edges

iPhone SE 4 With Face ID Said to Be Priced Below $500

Monday May 20, 2024 3:43 am PDT by
Apple is targeting a sub-$500 starting price for its upcoming fourth-generation iPhone SE model despite a raft of rumored upgrades coming to the more affordable device. According to leaker Revegnus on X, the U.S. launch price of the fourth-generation iPhone SE will either remain at the same $429 starting price as the current model, or will see an increase of around 10%. Either way, Apple's...
iOS 17

Apple Releases iOS 17.5.1 With Fix for Reappearing Photos Bug

Monday May 20, 2024 10:11 am PDT by
Apple today released iOS 17.5.1 and iPadOS 17.5.1, minor updates to the iOS 17 and iPadOS 17 operating system updates that came out last September. The 17.5.1 updates come a week after the launch of iOS 17.5 and iPadOS 17.5. iOS 17.5.1 and iPadOS 17.5.1 can be downloaded on eligible iPhones and iPads over-the-air by going to Settings > General > Software Update. According to Apple's...
iPhone 16 Camera Lozenge 2 Perspective

iPhone 16 Lineup Rumored to Come in These Two New Colors

Sunday May 19, 2024 11:08 am PDT by
Apple analyst Ming-Chi Kuo today outlined his expectations for the iPhone 16 lineup's color options, revealing that two new colors should replace two of the existing shades. Kuo outlined his expectations in a post on X (formerly Twitter) earlier today. He believes that the iPhone 16 Pro and iPhone 16 Pro Max will be available in black, white or silver, gray or "Natural Titanium," and rose....
microsoft surface pro qualcomm

Microsoft Says New Surface Pro is Faster Than 15" M3 MacBook Air

Monday May 20, 2024 3:19 pm PDT by
Microsoft is going all in on AI, today introducing a series of Copilot+ PCs that have AI-focused hardware. The new Surface Pro is one of the first Copilot+ PCs, equipped with Qualcomm's Arm-based Snapdragon X Elite processor. Microsoft is already pitting the Surface Pro against Apple's M3 MacBook Air, and in marketing materials, claims that the Surface Pro has superior processing power and...
iOS 17

iOS 17.5 Bug May Also Resurface Deleted Photos on Wiped, Sold Devices [Updated]

Friday May 17, 2024 12:24 pm PDT by
A bug in iOS 17.5 is apparently causing photos that have been deleted to reappear, and the issue seems to impact even iPhones and iPads that have been erased and sold off to other people. A Reddit user wiped an iPad following Apple's guidelines in September of 2023 before selling it off to a friend. That friend updated the iPad to iPadOS 17.5 this week, and began seeing the Reddit user's old ...
iphone se 4 modified flag edges

When to Expect the Next iPhone SE to Launch

Friday May 17, 2024 2:03 pm PDT by
It has been over two years since Apple released the third-generation iPhone SE, and rumors continue to surface about a new model. The latest word comes from The Information, which today reported that Apple plans to release a new iPhone SE with a design similar to the standard iPhone 14 in the spring of 2025. If this rumor is accurate, the iPhone SE would finally gain Face ID and a notch...

Top Rated Comments

FishyFish Avatar
59 months ago
I’m just loving this announcement. Nice job Apple!!
Score: 2 Votes (Like | Disagree)
farewelwilliams Avatar
59 months ago
"it has awesome security" -steve jobs
Score: 2 Votes (Like | Disagree)
orthorim Avatar
59 months ago

This is great news for the 8 people who will ever use this totally obscure feature.
Willing to bet you will eat these words by this time next year.

All our security standards are extremely weak and / or have been hacked so we need new ones desperately. 2FA is going to be the savior of doing anything wallet related on your computer.

The reason this is fantastic news is that it will allow mass adoption of way better, way more convenient, way more mass compatible security.
Score: 2 Votes (Like | Disagree)
ksnell Avatar
59 months ago

This is great news for the 8 people who will ever use this totally obscure feature.
Count me in good sir! At least 8 of us are taking internet security seriously!
Score: 1 Votes (Like | Disagree)
robbysibrahim Avatar
59 months ago

This is great news for the 8 people who will ever use this totally obscure feature.
And notice how devoid of the usual comments ("about time!", "what could go wrong", "how about you fix your software, Tim.", "X dollars? that's insane!", "insert dad joke here") this thread is. People are more likely to complain about what they don't quite fully understand but not about what they know nothing about IMHO.
Score: 1 Votes (Like | Disagree)
Anon Ymous Avatar
59 months ago

FIDO is that wonky thing where where the site is what is actually storying your keypair, but with you having locally encrypted it so it can give it to you so you can decrypt it so you can use that to verify the public half of the keypair that the site is also keeping?

https://www.grc.com/sn/sn-445.htm

Should just do something sensible like SQRL, or really any other solution.
Seriously, Gibson is a hack and a charlatan, no one serious in the industry respects him. There were several sites that debunk what he spewed, but they just stopped being maintained over 15 years ago because there was already too much information. Gibson total made things up (Socketgate?).

U2F which FIDO2 is based off of is well reviewed, and now included in the W3C specification through WebAuthN.
Score: 1 Votes (Like | Disagree)