Update Google Play Services to Enable Touch-ID Registrations for Web Sites

Today, the FIDO Alliance and the World Wide Web Consortium (WC3)
announced that the Android operating system had received FIDO2 certification. This will allow Android users to use their fingerprint (rather than a password) to connect to websites and other services. Developers will now be able to add password-free authentication to their web applications and login pages, as well as their native files. Android apps following an automated update of Google Play services.

Although many Android devices and apps have already included fingerprint-based connections, the implementation of FIDO2 is different, and its adoption on Android means that we are probably getting closer to the future where passwords are out of date.

How to set up password-free web connections on Android

Once FIDO2 support is deployed on your device, you will only be able to use the fingerprint ID to connect to the websites that allow it – although more and more people will probably start putting in place a fingerprint connection, as one billion new devices will soon support this feature. To use password-free connections on these websites, you must have the following:

1. A device running at least Android 7.0 or higher.
2. The latest update to Google Play services. These updates are usually done automatically, but you can double-check by opening the Google Play Store page of the app on your device to see if a new version is available.
3. Then you will need to set up your fingerprint profile on your Android device, if you have not done so already.
4. Once your fingerprint ID is stored, you can now use your Android device's fingerprint sensor to connect to websites and web apps while browsing in Chrome, Firefox and Microsoft Edge (provided that the Web site supports authentication without a password). .

Is it secure?

Like any security measure, the fingerprint ID presents risks. It is therefore recommended to use another method (password, personal identification number, face recognition or ghost pass). However, the FIDO2 protocol is incredibly secure and adds an extra layer of protection by preventing users from using fingerprint-based Web connections to unsafe domains and websites with phony URLs. FIDO2 can also protect you in case of security breach. Unlike a password system, which asks the user and the application / service to know the password, FIDO2 only asks the user to enter the password information. correct authentication.

Using your Android device's fingerprint sensor basically works the same way as unlocking your lock screen or connecting to certain apps: your personal information and your fingerprint profile data is stored locally on your device. the device and are never shared with the applications or websites you use. you connect to. Instead, your device verifies that the fingerprint matches the print ID or the login key that it has stored, and then confirms with the application or the the website that everything is copacetic and connects you (or locks you in case the information does not match.)).

And just in case you need more certainty that fingerprint authentication is safe, we have some tips to make your fingerprint data as secure as possible.