Chrome, Edge, Firefox to support new log-in standard WebAuth

News Broadband Global 10 APR 2018
Chrome, Edge, Firefox to support new log-in standard WebAuth

Leading web browsers such as Google Chrome, Microsoft Edge and Mozilla Firefox have announced their support for a new web authentication standard, aimed at improving security and reducing reliance on passwords. The decision to implement the standard developed by the FIDO Alliance follows the W3C standards group approving the WebAuth system for a candidate recommendation. 

WebAuthn is a standard web API to give users new methods to securely authenticate across sites and devices. It was developed by industry members in coordination with the FIDO Alliance and is a core component of the FIDO2 Project along with FIDO’s Client to Authenticator Protocol (CTAP) specification, which enables an external authenticator, such as a security key or a mobile phone, to communicate strong authentication credentials locally over USB, Bluetooth or NFC to the user’s computer or tablet. 

Google, Microsoft and Mozilla have committed to supporting the WebAuthn standard in their flagship browsers and have started implementation for Windows, Mac, Linux, Chrome OS and Android platforms. Both the WebAuthn and CTAP specifications are available already for developers and vendors to start implementing support in their products. According to the standards groups, by using the new standards, enterprises and online service providers will be able to protect themselves and their customers better from the risks associated with passwords, such as phishing, man-in-the-middle attacks and the abuse of stolen credentials. 

The standardization of the new FIDO2 specifications in browsers and operating systems will further expand the reach of FIDO Authentication, which is referenced by regulators and standards-setting bodies worldwide and is already available on hundreds of millions of devices and offered to more than 3.5 billion user accounts worldwide through services from companies such as Google, Facebook, NTT Docomo and Bank of America.

FIDO will soon launch interoperability testing and will issue certifications for servers, clients and authenticators adhering to FIDO2 specifications. The conformance test tools are available on FIDO’s website. Additionally, FIDO will introduce a new Universal Server certification for servers that interoperate with all FIDO authenticator types (FIDO UAF, FIDO U2F, WebAuthn, CTAP).

Categories:

Internet

Companies:

MicrosoftGoogleMozillaW3CFIDO Alliance

Regions:

Global

Tags:

Security, IT - applications, Portals / social media, Standardisation

Related Articles

GLOBAL 11 APR 2019

Google lets Android smartphones act as 2SV security keys

Google has announced that all phones running Android 7.0 Nougat and above can now be used as two-step-verification (2SV) physical security keys to sign into the company's services. The aim is to prevent attackers stealing online identities via phishing by providing an additional layer of protection that uses Google's Titan Security Key, described as the "most phishing-resistant method of 2SV on the market today".

GLOBAL 26 FEB 2019

Android gets Fido2 certification, ensuring strong biometric security

The Fido (Fast Identity Online) Alliance said that Android is now Fido2 Certified. This means that Fido2 protocols are ensured with Android for devices with built-in fingerprint sensors or Fido security keys for secure passwordless acess to websites and native applications. All devices running Android 7.0+ are now certified out of the box of after an automated Google Play Services update. Over 1 billion devices support Android 7.0+.

GLOBAL 8 AUG 2018

Firefox intros Advance extension to offer content recommendations

Mozilla announced the new feature 'Advance' for its Firefox web browser, to offer users recommended content on the web. Advance is a web extension that works by analysing content viewed by the user in order to provide recommendations based on what they may want to 'read next' through a sidebar in the browser. Additionally, Advance shares recommendations based on recent online history, discoverable in the 'For You' section of the sidebar. 

GLOBAL 11 JUL 2018

Mozilla introduces Firefox Lockbox, Notes for mobile users

Mozilla announced two new pilot projects for mobile users of its Firefox web browser. Firefox Lockbox for iOS will help users store their passwords, and Notes by Firefox for Android allows users to save and sync notes across mobile and desktop devices. 

GLOBAL 14 SEP 2016

NFC Forum forms partnerships with three industry consortia

The NFC Forum entered into liaison agreements with the Car Connectivity Consortium (CCC), the Fido (Fast IDentity Online) Alliance, and the Smart Ticketing Alliance. The goal of the alliances is to collaborate on joint projects to advance the adoption and usability of NFC in key markets and technology sectors, including automotive, public transportation, and digital identity. All of the collaborations are focused on educating the market, unleashing innovation, and removing barriers to interoperability. For

GLOBAL 12 JUL 2016

EMVCo, FIDO Alliance collaborate on m-payment authentication

EMVCo, the global payment specification body, and the FIDO Alliance, an industry consortium developing open, interoperable authentication standards, will collaborate and review the ways in which FIDO authentication standards can support EMV payment use cases. A key aim of the initiative is to investigate providing simpler and stronger authentication for cardholders making mobile payments using on-device authenticators, such as biometrics, thereby reducing consumer fraud globally while maintaining a good con

JAPAN 8 MRT 2016

Docomo intros FIDO biometric authentication for iOS devices

The FIDO Alliance has announced that Japanese mobile operator NTT Docomo has extended its deployment of FIDO certified authentication to its millions of customers with Touch ID-equipped Apple iPhones and other iOS1 devices. Docomo adds this new FIDO-for-iOS capability to an existing suite of 10 FIDO Certified Android devices from Samsung, Fujitsu, Sharp, and Sony Mobile, enabling customers to choose between platforms, devices and biometric authentication modalities including fingerprint touch, fingerprint s

GLOBAL 18 FEB 2016

W3C embarks on FIDO Alliance-led web authentication project

The World Wide Web Consortium (W3C) has announced the launch of a new project to set up Web Authentication standards on the basis FIDO Alliance specifications. The aim is to offer a more secure and flexible alternative to password-based log-ins on the web, with the W3C warning that even strong passwords can be lost in data breaches or targeted for replay in phishing attacks. "With the scope and frequency of attacks increasing, it is imperative for W3C to develop new standards and best practices for increase

Just In

19 JUN 13:50

T-Mobile Poland wins project for Katowice connected water meters

19 JUN 13:47

UAE bans social media for children under 15

19 JUN 13:36

Live TF1 channels launch on Netflix in France

19 JUN 13:24

Megafon launches own eSIM router

Commentary

5 MEI 10:55

KPN: the art of making one-offs structural

4 MEI 14:25

Open Dutch Fiber outlook: time to restart roll-out?

20 APR 10:36

Netflix back to organic growth and doing just fine

11 FEB 12:29

Odido shareholders face tricky exit after abandoned IPO

Background

1 JUN 00:13

The week in telecom: EU telcos push sovereign services as governments question foreign tech investors

23 MEI 23:42

The week in telecom: Starlink ready to go public, Singapore telco M&A and Google courts AI subscribers at I/O

18 MEI 00:31

The week in telecom: US operators mount rural satellite challenge, Cisco cashes in on AI boom

11 MEI 00:53

The week in telecom: Lumen, NTT turn to data centre market to revive growth, Hutchison exits UK

Complete profile

Before downloading the whitepaper, we would like to ask you to complete your profile with company and position. After confirming you will receive the white paper.