Face ID and Touch ID Logins Coming to Websites With Safari Web Authentication API

by

Apple allows Touch ID and Face ID to be used in lieu of a password to access sensitive apps like those for banking or password management, and in the future, ‌Face ID‌ and ‌Touch ID‌ will also be able to be used for authentication purposes when logging into a website.

faceidwebsites
Apple outlines the feature in a WWDC20 engineering session called "Meet ‌Face ID‌ and ‌Touch ID‌ for the web," which covers how web developers can use ‌Face ID‌ and ‌Touch ID‌ on their websites with the Web Authentication API.

An initial login on a website that supports the feature will require a username, passcode, and two-factor authentication code to be entered, but after that, ‌Face ID‌ or ‌Touch ID‌ can handle the login process. Signing in this way will require users to click on the sign in button, after which Safari will ask for confirmation. With the confirmation, a ‌Face ID‌ (or ‌Touch ID‌) scan is done, and the user is able to log in.

Apple says ‌Face ID‌ and ‌Touch ID‌ authentication is beneficial because it's frictionless, simple, and secure. The online session described it as "phishing resistant."

But more importantly, it is Phishing-resistant. Safari will only allow public credentials created by this API to be used within the Web site they were created, and the credential can never be exported out from the authenticater they were created in as well. This means that once a public credential has been provisioned, there is no way for a user to accidentally divulge it to another party. Cool right?! This is the overview of the Web Authentication standard.

Additional detail about the feature, including instructions on how web developers can enable it, can be found in the full video along with the accompanying resources.

Top Rated Comments

swm Avatar
swm
50 months ago
i see the future, where the password manager app developers protest for a senate hearing about apple's monopolistic business practices
Score: 12 Votes (Like | Disagree)
konqerror Avatar
konqerror
50 months ago

What if you have a non Apple device in your family of Apple devices?
You can’t very easily login there. I hope Apple will work with IEEE to set a standard for this so everyone can participate.
This is already a standard, called FIDO2. If you have non-Apple devices, sites allow multiple keys, or simply forget this and use an external USB/NFC/Bluetooth key.


I don’t really see how this is much more convienient that just using FaceID to grant access to the keychain?
One: it is phising-resistant, two: if the data was intercepted or the other side has a database leak, the information is worthless since it cannot be used for future logins.
Score: 5 Votes (Like | Disagree)
ArtOfWarfare Avatar
ArtOfWarfare
50 months ago

so I believe Sign In with Apple creates/connects an account with your Apple ID

This is basically a faster FaceID/TouchArcade reauthentication for your existing accounts.

The video demos it.

arn
TouchArcade ???
I assume autocorrect strikes again.
Score: 4 Votes (Like | Disagree)
konqerror Avatar
konqerror
50 months ago

I know FIDO2, that’s different. It’s basically a hardware token system. It’s not compatible with Sign In with Apple, which is SSO via Apple.
Did you read the article? It's saying that Apple platforms will act as a built-in FIDO2 authenticator; something that Windows and Android already do today.

Exactly like Microsoft did, they implemented FIDO2 locked to their own site first, and are now expanding it to other sites.
Score: 4 Votes (Like | Disagree)
kiensoy Avatar
kiensoy
50 months ago
Another “finally” of the many in iOS14.
Score: 3 Votes (Like | Disagree)
dwaltwhit Avatar
dwaltwhit
50 months ago
I can’t wait til we don’t even use passwords anymore
Score: 3 Votes (Like | Disagree)
Read All Comments

Popular Stories

iPhone 15 Pro FineWoven

Apple Reportedly Stops Production of FineWoven Accessories

Sunday April 21, 2024 6:03 am PDT by
Apple has stopped production of FineWoven accessories, according to the Apple leaker and prototype collector known as "Kosutami." In a post on X (formerly Twitter), Kosutami explained that Apple has stopped production of FineWoven accessories due to its poor durability. The company may move to another non-leather material for its premium accessories in the future. Kosutami has revealed...
Read Full Article426 comments
Provenance Emulator

PlayStation and SEGA Emulator for iPhone and Apple TV Coming to App Store [Updated]

Friday April 19, 2024 8:29 am PDT by
The lead developer of the multi-emulator app Provenance has told iMore that his team is working towards releasing the app on the App Store, but he did not provide a timeframe. Provenance is a frontend for many existing emulators, and it would allow iPhone and Apple TV users to emulate games released for a wide variety of classic game consoles, including the original PlayStation, GameCube, Wii,...
Read Full Article179 comments
iOS 17 All New Features Thumb

iOS 17.5 Will Add These New Features to Your iPhone

Sunday April 21, 2024 3:00 am PDT by
The upcoming iOS 17.5 update for the iPhone includes only a few new user-facing features, but hidden code changes reveal some additional possibilities. Below, we have recapped everything new in the iOS 17.5 and iPadOS 17.5 beta so far. Web Distribution Starting with the second beta of iOS 17.5, eligible developers are able to distribute their iOS apps to iPhone users located in the EU...
Read Full Article
apple vision pro orange

Apple Vision Pro Customer Interest Dying Down at Some Retail Stores

Monday April 22, 2024 2:12 am PDT by
Apple Vision Pro, Apple's $3,500 spatial computing device, appears to be following a pattern familiar to the AR/VR headset industry – initial enthusiasm giving way to a significant dip in sustained interest and usage. Since its debut in the U.S. in February 2024, excitement for the Apple Vision Pro has noticeably cooled, according to Bloomberg's Mark Gurman. Writing in his latest Power On...
Read Full Article310 comments
top stories 20apr2024

Top Stories: Nintendo Emulators on App Store, Two New iOS 17 Features, and More

Saturday April 20, 2024 6:00 am PDT by
It was a big week for retro gaming fans, as iPhone users are starting to reap the rewards of Apple's recent change to allow retro game emulators on the App Store. This week also saw a new iOS 17.5 beta that will support web-based app distribution in the EU, the debut of the first hotels to allow for direct AirPlay streaming to room TVs, a fresh rumor about the impending iPad Air update, and...
Read Full Article9 comments