Google has confirmed that the company plans to implement a new security standard in Google Chrome. The new technology makes it possible to protect your data without the use of passwords. Google is not the first company to implement this type of security. This also means that you might be able to sign-in to websites using fingerprint and IRIS scanners.
The new technique is called WebAuthn. This is a combination of a USB stick (USB token) and a code that is stored on it, but it can also be a trusted device such as a smartphone. This code is also shared with a trusted website and in this way, a key is created that is only available to those who hold the USB stick or a trusted device. This USB stick or registered phone is then changed to an Authenticator. If you want to log in somewhere, you will receive a notification on the token or telephone.
Different codes will therefore not just be available and the data will be encrypted on the Authenticator. The Authenticator also checks the site for reliability. This is done with a special ‘signature’ that must be on the site. With this, WebAuthn must become an alternative to the traditional passwords consisting of numbers, letters, and signs. The technique must be a long-term replacement for these traditional passwords.
The physical key that stores the codes also makes it possible to store a fingerprint, retina scan or other biometric data. In theory, you therefore swap a password of characters with a fingerprint or other biometric option. Google has now confirmed that they plan to implement this new way of security in, among other things, the Chrome browser. With this, the company follows the example of competitor Firefox. In that browser it has been possible since the last update to log in with WebAuthn.
The update for Google Chrome has to be rolled out in the coming weeks and probably in version 67 but an exact date is not yet available. Since the code for the authenticator is open source, it will be possible to change virtually any storage medium into an authenticator.