Face ID and Touch ID Logins Coming to Websites With Safari Web Authentication API

by

Apple allows Touch ID and Face ID to be used in lieu of a password to access sensitive apps like those for banking or password management, and in the future, ‌Face ID‌ and ‌Touch ID‌ will also be able to be used for authentication purposes when logging into a website.

faceidwebsites
Apple outlines the feature in a WWDC20 engineering session called "Meet ‌Face ID‌ and ‌Touch ID‌ for the web," which covers how web developers can use ‌Face ID‌ and ‌Touch ID‌ on their websites with the Web Authentication API.

An initial login on a website that supports the feature will require a username, passcode, and two-factor authentication code to be entered, but after that, ‌Face ID‌ or ‌Touch ID‌ can handle the login process. Signing in this way will require users to click on the sign in button, after which Safari will ask for confirmation. With the confirmation, a ‌Face ID‌ (or ‌Touch ID‌) scan is done, and the user is able to log in.

Apple says ‌Face ID‌ and ‌Touch ID‌ authentication is beneficial because it's frictionless, simple, and secure. The online session described it as "phishing resistant."

But more importantly, it is Phishing-resistant. Safari will only allow public credentials created by this API to be used within the Web site they were created, and the credential can never be exported out from the authenticater they were created in as well. This means that once a public credential has been provisioned, there is no way for a user to accidentally divulge it to another party. Cool right?! This is the overview of the Web Authentication standard.

Additional detail about the feature, including instructions on how web developers can enable it, can be found in the full video along with the accompanying resources.

Top Rated Comments

swm Avatar
swm
50 months ago
i see the future, where the password manager app developers protest for a senate hearing about apple's monopolistic business practices
Score: 12 Votes (Like | Disagree)
konqerror Avatar
konqerror
50 months ago

What if you have a non Apple device in your family of Apple devices?
You can’t very easily login there. I hope Apple will work with IEEE to set a standard for this so everyone can participate.
This is already a standard, called FIDO2. If you have non-Apple devices, sites allow multiple keys, or simply forget this and use an external USB/NFC/Bluetooth key.


I don’t really see how this is much more convienient that just using FaceID to grant access to the keychain?
One: it is phising-resistant, two: if the data was intercepted or the other side has a database leak, the information is worthless since it cannot be used for future logins.
Score: 5 Votes (Like | Disagree)
ArtOfWarfare Avatar
ArtOfWarfare
50 months ago

so I believe Sign In with Apple creates/connects an account with your Apple ID

This is basically a faster FaceID/TouchArcade reauthentication for your existing accounts.

The video demos it.

arn
TouchArcade ???
I assume autocorrect strikes again.
Score: 4 Votes (Like | Disagree)
konqerror Avatar
konqerror
50 months ago

I know FIDO2, that’s different. It’s basically a hardware token system. It’s not compatible with Sign In with Apple, which is SSO via Apple.
Did you read the article? It's saying that Apple platforms will act as a built-in FIDO2 authenticator; something that Windows and Android already do today.

Exactly like Microsoft did, they implemented FIDO2 locked to their own site first, and are now expanding it to other sites.
Score: 4 Votes (Like | Disagree)
kiensoy Avatar
kiensoy
50 months ago
Another “finally” of the many in iOS14.
Score: 3 Votes (Like | Disagree)
dwaltwhit Avatar
dwaltwhit
50 months ago
I can’t wait til we don’t even use passwords anymore
Score: 3 Votes (Like | Disagree)
Read All Comments

Popular Stories

maxresdefault

Apple Announces 'Let Loose' Event on May 7 Amid Rumors of New iPads

Tuesday April 23, 2024 7:11 am PDT by
Apple has announced it will be holding a special event on Tuesday, May 7 at 7 a.m. Pacific Time (10 a.m. Eastern Time), with a live stream to be available on Apple.com and on YouTube as usual. The event invitation has a tagline of "Let Loose" and shows an artistic render of an Apple Pencil, suggesting that iPads will be a focus of the event. Subscribe to the MacRumors YouTube channel for more ...
Read Full Article264 comments
Apple Vision Pro Dual Loop Band Orange Feature 2

Apple Cuts Vision Pro Shipments as Demand Falls 'Sharply Beyond Expectations'

Tuesday April 23, 2024 9:44 am PDT by
Apple has dropped the number of Vision Pro units that it plans to ship in 2024, going from an expected 700 to 800k units to just 400k to 450k units, according to Apple analyst Ming-Chi Kuo. Orders have been scaled back before the Vision Pro has launched in markets outside of the United States, which Kuo says is a sign that demand in the U.S. has "fallen sharply beyond expectations." As a...
Read Full Article403 comments
iPad And Calculator App Feature

Apple Finally Plans to Release a Calculator App for iPad Later This Year

Tuesday April 23, 2024 9:08 am PDT by
Apple is finally planning a Calculator app for the iPad, over 14 years after launching the device, according to a source familiar with the matter. iPadOS 18 will include a built-in Calculator app for all iPad models that are compatible with the software update, which is expected to be unveiled during the opening keynote of Apple's annual developers conference WWDC on June 10. AppleInsider...
Read Full Article212 comments
iOS 17 All New Features Thumb

iOS 17.5 Will Add These New Features to Your iPhone

Sunday April 21, 2024 3:00 am PDT by
The upcoming iOS 17.5 update for the iPhone includes only a few new user-facing features, but hidden code changes reveal some additional possibilities. Below, we have recapped everything new in the iOS 17.5 and iPadOS 17.5 beta so far. Web Distribution Starting with the second beta of iOS 17.5, eligible developers are able to distribute their iOS apps to iPhone users located in the EU...
Read Full Article
Apple Silicon AI Optimized Feature Siri

Apple Releases Open Source AI Models That Run On-Device

Wednesday April 24, 2024 3:39 pm PDT by
Apple today released several open source large language models (LLMs) that are designed to run on-device rather than through cloud servers. Called OpenELM (Open-source Efficient Language Models), the LLMs are available on the Hugging Face Hub, a community for sharing AI code. As outlined in a white paper [PDF], there are eight total OpenELM models, four of which were pre-trained using the...
Read Full Article44 comments