Google says goodbye to passwords. The Mountain View company has announced that from now on you can verify your identity using the fingerprint reader to unlock the code for some of the Google services on your Android device. The new authentication method is already available for Pixel smartphones and will arrive on all devices with Android 7 and later versions in the coming days.
Android: goodbye passwords
This means that to access a specific site, the user will no longer need to enter the classic password. Very often vulnerable, but will be able to use the unlocking methods set for their smartphone. Like the fingerprint recognition or the PIN and the sequence. In this way, moreover, Google’s servers will not get this data. But will remain saved locally on the device.
By entering the screen unlock code or using the fingerprint sensor. The system will recognize that the person who is trying to log in is who they say they are. For the moment, there is no support for face recognition. But it is not said that the support cannot be extended in the future.
This functionality is the fruit of Google’s collaboration with the FIDO Alliance and W3C which has led – among other things – Android to be FIDO2 certified which allows, precisely, to use for Web services the same authentication method used for native applications of Android.
On its official blog, in fact, Google explains that when the user visits a compatible service, such as passwords.google.com, a “Get” WebAuthn call is issued, transmitting the ID obtained during the creation of credentials. The result is a valid FIDO2 signature which allows access to the service.