Google’s and the Fast Identity Online Alliance said that Android is now FIDO2-certified which means that now the Android devices can use fingerprints and security keys for logging in to accounts instead of passwords. This certification was revealed at Mobile World Congress in Barcelona, Spain.
This is going to bring a huge change in the devices that runs in versions Android 7 and up that comes to around half of all Android users. The user need not do anything specially to get this added security as it will be available out of the box or with an automatic Google Play Services update.
Several Android apps already make use of fingerprints or security keys as passwords especially banking and other financial apps. The security features can be utilized by any Android developer, permitting password-less logins on Android mobile browser and apps.
Passwords are needed to access any accounts that manages your finance, social life etc. But the main issue is that they aren’t secure as the attackers can easily steal and sell them. It becomes even more easier for the hackers if you use the same passwords across multiple sites.
Computers have also evolved in such a way that it is possible to easily guess complicated passwords within a matter of time by checking every possible combination.
This is the main reason that the security industry professionals wanted to eliminate passwords, and use methods like biometrics and security keys. Fingerprints and security keys are difficult to steal online, and with the FIDO2 standard, they are protected against phishing attacks.
The Executive director of the FIDO Alliance, Brett McDowell stated that when the news came out from Google, the number of users with FIDO Authentication capabilities has grown strikingly. Using the leading web browsers that is already FIDO2 compliant, it is time for website developers to free their users from the risk of managing the passwords and integrate FIDO Authentication at the earliest. The browsers that already supports FIDO2 standard includes Google Chrome, Microsoft Edge and Mozilla Firefox.
While you login to an account, the security standard checks to make sure that the page is real and not a fake one that has been created to trick the user.
Google had the vision that created its own security key in July, and experts believe that the best option to replace passwords is the use of fingerprints.