Simpler, Stronger Authentication for Millions of Android Users

The era of remembering and typing different passwords across all Android apps is fast becoming obsolete, as FIDO Alliance announced recently that Google is now FIDO2 certified.  Check the video to understand more about FIDO.

What this great news means for millions of Android users all over the world is that simpler and stronger authentication will be automatically be encoded on any compatible Android 7.0+ devices.  

Users will now have the ability to use the in-built fingerprint sensor to log in to an app, instead of the laborious and time draining experience of typing long passwords. The certification has made the Android device passwordless.  

Announced this week, an update to the Google Play Services will add the certification to more than half of the apps on Play Store. The FIDO (Fast Identity Online) protocol offers a secure and seamless authentication using a standard public key cryptography.  

The protocol is a collection of W3C’S WebAuthn API and CTAP which permits web and mobile app developers to integrate the software into their browsers and allows users to access pages beyond password authentication by using FIDO security keys.  

The fingerprint sensors are veiled behind a wall of cryptographic encryption; this will further reduce losing passwords to phishing attack attempts. Apart from browser and platform support, several other FIDO2 certified products have also been announced to support implementation.  

FIDO Certified devices work on Chrome OS, Windows, Linux, Mac OS, and its fully supported by Mozilla Firefox, Apple Safari, Google Chrome, and Microsoft Edge.        

Christiaan Brand, Product Manager for Google said the new development was an important hallmark because it allowed the company’s developers and partners a standardized way of accessing stores across its devices to build biometric controls for users. 

App and web developers are now directed to add authentication to their Android apps through an API call to bring the passwordless security to a significant number of their apps. 

For Android phones without fingerprint sensors, other authentication methods like PIN and SWIPE can be used to log on to apps.   

CloudWedge