Google aims to move beyond passwords with Android FIDO2 certification

Google aims to move beyond passwords with Android FIDO2 certification
More than a billion Android devices can now benefit from FIDO2 authentication protection as part of Google's work to reduce the reliance on passwords.

Google has moved to improve the security of its Android mobile platform with the news that the operating system's latest versions are now certified for use with the FIDO2 standard for passwordless user identification.

A new update to Google Play Services means that all devices running version 7.0 or later – which amounts to more than a billion gadgets worldwide – will be able to log in users to compatible websites and apps using biometrics or two-factor authentication, rather than relying on a passcode.

Developers can add FIDO's strong authentication to their Android apps and websites with a simple API call, thereby reducing the risks posed by insecure and compromised passwords, which continue to be one of the biggest security challenges for many businesses.

FIDO, or Fast Identity Online, is a consortium that aims to improve authentication techniques and address issues such as a lack of standardisation and interoperability between services.

Brett McDowell, executive director of the alliance, said: "FIDO2 was designed from day one to be implemented by platforms, with the ultimate goal of ubiquity across all the web browsers, devices and services we use every day. With this news from Google, the number of users with FIDO authentication capabilities has grown dramatically and decisively."

The standard allows users to access their apps or websites by confirming their identity with their phone's fingerprint scanner or facial recognition tools, or pair it with a third-party dongle such as a YubiKey in order to avoid the use of passwords.

Christiaan Brand, product manager at Google focused on identity and security, told Wired the firm has been working with FIDO for a while, with a particular focus on tackling phishing, which he described as one of the biggest authentication issues on the web today.

"The natural evolution was looking toward FIDO2," he said. "Customers are already used to using these sensors on the device for authenticating into applications every day, so how do we make that technology available to websites?"

We can help your business! Contact Arrow Now

About Us

With over 20 years in the business telecoms industry and an unrivalled reputation of delivering excellent, personal customer service, Arrow is one of very few companies in the UK able to provide a full telecoms, IT and energy consultancy and service proposition.

Contact Form