Google introduces the function of identifying smartphone users without passwords

Ensuring safe access to smartphones whenThe help of the fingerprint scanner has led to the expansion of functions in many applications. So some banks are already opening up access to customer identification by providing fingerprints in the application. Google, in turn, has decided to allow users to identify themselves to access their resources using a fingerprint sensor. Entering a password is not required.

A function has already appeared for smartphonesfingerprint identification on the Google Account Manager Password Manager page in the Chrome browser. The FIDO2, W3C WebAuthn and FIDO CTAP standards are used. The main advantage of the FIDO2 standard over the traditional API standard is its universal ability to use credentials not only for Google services, but also for other web services. Therefore, the user only once registers fingerprints.

Regarding the storage of sensitive dataGoogle issued a separate clarification stating that fingerprints are stored on the user's smartphone and are not transmitted to the company's servers. Google receives only encrypted confirmation of the fact that the prints match. At the same time, traditional forms of password entry are preserved.

Currently fingerprint identificationAvailable only to owners of the Google Pixel lineup. However, in the near future, an update will open for all devices running OS Android 7.0 and higher, opening this opportunity.

Source: Google