Monday, August 15, 2022 | Back issues
Courthouse News Service Courthouse News Service

Apple, Google, Microsoft throw weight behind push for biometric logins

The new standard will eliminate the need for the dozens of passwords people require to keep their online accounts safe.

(CN) — Apple, Google and Microsoft have joined an effort to eliminate the dozens of cumbersome — and risky — passwords people need to access the many websites and apps they depend on for services, work and recreation.

The three tech giants announced their support Thursday for a common "passkey" standard created by the FIDO Alliance and the World Wide Web Consortium, which will enable users to access websites and apps using fingerprint or face-recognition technology just as they do to unlock their mobile phones or computers.

Many people still use the same passwords across numerous websites, which increases the risk of account takeovers, data breaches and identity theft. The new standardized approach will protect against phishing and sign-in will be "radically more secure when compared to passwords and legacy multi-factor technologies such as one-time passcodes sent over SMS," the FIDO Alliance said in statement.

“Just as we design our products to be intuitive and capable, we also design them to be private and secure,” Kurt Knight, Apple’s senior director of platform product marketing, said in the statement. “Working with the industry to establish new, more secure sign-in methods that offer better protection and eliminate the vulnerabilities of passwords is central to our commitment to building products that offer maximum security and a transparent user experience."

The FIDO, for Fast IDentity Online, Alliance was formed in July 2012 to address the lack of interoperability between authentication technologies and remedy the problems users face with creating and remembering multiple usernames and passwords.

Google has been working alongside FIDO to eliminate outdated password-based authentication, according to Mark Risher, Google's senior director of product. The company will make the FIDO-based technology available across Chrome, ChromeOS, Android and other platforms, and will encourage app and website developers to adopt it so that people can safely move away from the risk and hassle of passwords.

All three companies already allow users to access websites and apps without entering a username and password each time, but people are still required to sign in to each website or app with each of their devices before they can start using biometric sign-ins. The new standard, to which the companies are now committed, will allow users to automatically use their "passkey" on their devices without having to re-enroll every account.

The new standard will also enable people to use their "passkey" on their cellphones to sign in to an app or website on a nearby device regardless of the operating system or the browser they are using.

“The complete shift to a passwordless world will begin with consumers making it a natural part of their lives," Alex Simons, Microsoft's corporate vice president for identity program management, said in the statement. "Any viable solution must be safer, easier, and faster than the passwords and legacy multi-factor authentication methods used today."

Read the Top 8

Sign up for the Top 8, a roundup of the day's top stories delivered directly to your inbox Monday through Friday.

Loading
Loading...