Face ID and Touch ID Logins Coming to Websites With Safari Web Authentication API

by

Apple allows Touch ID and Face ID to be used in lieu of a password to access sensitive apps like those for banking or password management, and in the future, ‌Face ID‌ and ‌Touch ID‌ will also be able to be used for authentication purposes when logging into a website.

faceidwebsites
Apple outlines the feature in a WWDC20 engineering session called "Meet ‌Face ID‌ and ‌Touch ID‌ for the web," which covers how web developers can use ‌Face ID‌ and ‌Touch ID‌ on their websites with the Web Authentication API.

An initial login on a website that supports the feature will require a username, passcode, and two-factor authentication code to be entered, but after that, ‌Face ID‌ or ‌Touch ID‌ can handle the login process. Signing in this way will require users to click on the sign in button, after which Safari will ask for confirmation. With the confirmation, a ‌Face ID‌ (or ‌Touch ID‌) scan is done, and the user is able to log in.

Apple says ‌Face ID‌ and ‌Touch ID‌ authentication is beneficial because it's frictionless, simple, and secure. The online session described it as "phishing resistant."

But more importantly, it is Phishing-resistant. Safari will only allow public credentials created by this API to be used within the Web site they were created, and the credential can never be exported out from the authenticater they were created in as well. This means that once a public credential has been provisioned, there is no way for a user to accidentally divulge it to another party. Cool right?! This is the overview of the Web Authentication standard.

Additional detail about the feature, including instructions on how web developers can enable it, can be found in the full video along with the accompanying resources.

Top Rated Comments

swm Avatar
swm
43 months ago
i see the future, where the password manager app developers protest for a senate hearing about apple's monopolistic business practices
Score: 12 Votes (Like | Disagree)
konqerror Avatar
konqerror
43 months ago

What if you have a non Apple device in your family of Apple devices?
You can’t very easily login there. I hope Apple will work with IEEE to set a standard for this so everyone can participate.
This is already a standard, called FIDO2. If you have non-Apple devices, sites allow multiple keys, or simply forget this and use an external USB/NFC/Bluetooth key.


I don’t really see how this is much more convienient that just using FaceID to grant access to the keychain?
One: it is phising-resistant, two: if the data was intercepted or the other side has a database leak, the information is worthless since it cannot be used for future logins.
Score: 5 Votes (Like | Disagree)
ArtOfWarfare Avatar
ArtOfWarfare
43 months ago

so I believe Sign In with Apple creates/connects an account with your Apple ID

This is basically a faster FaceID/TouchArcade reauthentication for your existing accounts.

The video demos it.

arn
TouchArcade ???
I assume autocorrect strikes again.
Score: 4 Votes (Like | Disagree)
konqerror Avatar
konqerror
43 months ago

I know FIDO2, that’s different. It’s basically a hardware token system. It’s not compatible with Sign In with Apple, which is SSO via Apple.
Did you read the article? It's saying that Apple platforms will act as a built-in FIDO2 authenticator; something that Windows and Android already do today.

Exactly like Microsoft did, they implemented FIDO2 locked to their own site first, and are now expanding it to other sites.
Score: 4 Votes (Like | Disagree)
kiensoy Avatar
kiensoy
43 months ago
Another “finally” of the many in iOS14.
Score: 3 Votes (Like | Disagree)
dwaltwhit Avatar
dwaltwhit
43 months ago
I can’t wait til we don’t even use passwords anymore
Score: 3 Votes (Like | Disagree)
Read All Comments

Popular Stories

iPhone 16 Mock Header With Dynamic Island

Skipping the iPhone 15 Pro? Here's What's Rumored for iPhone 16 Pro

Friday September 22, 2023 9:29 am PDT by
Are you skipping the iPhone 15 Pro and waiting another year to upgrade? If so, we already have some iPhone 16 Pro rumors for you. Below, we recap new features rumored for the iPhone 16 Pro models so far:Larger displays: The iPhone 16 Pro and iPhone 16 Pro Max will be equipped with larger 6.3-inch and 6.9-inch displays, respectively, according to Ross Young, CEO of Display Supply Chain...
Read Full Article195 comments
Apple WWDC23 macOS Sonoma hero

macOS Sonoma Launching This Week With These New Features

Sunday September 24, 2023 12:45 pm PDT by
Apple previously announced that macOS Sonoma will be released this Tuesday, September 26. The free software update includes many new features and changes for the Mac, including the five that we have highlighted below. In addition to these five features, we have shared the full release notes for macOS Sonoma below for a complete overview of everything new. Desktop Widgets macOS Sonoma...
Read Full Article235 comments
Apple Watch Ultra 2 double tap gesture 230912

watchOS 10.1 to Enable Apple Watch's New 'Double Tap' Gesture

Thursday September 21, 2023 12:52 pm PDT by
The new Double Tap gesture for the Apple Watch Series 9 and the Apple Watch Ultra 2 will be enabled starting with watchOS 10.1, according to Marques Brownlee, host of the popular tech-focused YouTube channel MKBHD. The first beta of watchOS 10.1 will likely be available by next week, and Apple announced that the software update will be released next month. Brownlee shared his impressions...
Read Full Article87 comments