Android Security Tech News

With FIDO2, Android Is Moving Beyond Passwords

Dave Parrack 25-02-2019

Google Android is now officially FIDO2 certified. This means Android users can make use of login methods other than passwords to access apps and websites. As long as they support the FIDO2 protocols. This signals the beginning of the end for passwords.


What Is FIDO2?

FIDO stands for Fast IDentify Online. The FIDO Alliance is a consortium of companies including Amazon, Google, Intel, Microsoft, PayPal, and Samsung. Their goal is to improve the interoperability of authentication devices and methods.

FIDO2 is a set of standards that governs both devices and authentication methods. These standards “enable users to more easily and securely login to online services with FIDO2-compliant devices such as fingerprint readers, cameras and/or FIDO security keys.”

Android Earns FIDO2 Certification

Google Android has now earned FIDO2 certification. This means that any compatible device running Android 7.0 or higher is now FIDO2 certified. New devices will be certified out of the box. Devices already in the wild will require a Google Play Services update.

Once your Android device is FIDO2 certified, you’ll be able to use methods other than passwords to log into apps and websites. Those apps and websites also need to support the FIDO2 protocols, but the number that do so is growing daily.

In the FIDO Alliance press release, Christiaan Brand, a Product Manager at Google, said:


“Google has long worked with the FIDO Alliance and W3C to standardize FIDO2 protocols, which give any application the ability to move beyond password authentication while offering protection against phishing attacks.”


“Today’s announcement of FIDO2 certification for Android helps move this initiative forward, giving our partners and developers a standardized way to access secure keystores across devices, both in market already as well as forthcoming models, in order to build convenient biometric controls for users.”

The most obvious login method this enables is fingerprint IDs. Once your fingerprint has been stored you’ll be able to use the fingerprint sensor on your Android device to sign into apps and websites. If you prefer, you can also use PIN numbers and/or patterns.

Passwords Are History

This represents Google looking beyond passwords. And it’s far from the only technology company doing so. While most of us are still stuck using passwords—in some cases, really bad passwords The Worst Passwords of 2018, Revealed We now know the worst passwords of 2018. These are the passwords you should never use, even if Kanye West tells you to do so. Read More —other methods are easier and much more secure.

Related topics: Android Apps, Biometrics, Fingerprints, Password, Touch ID.

Affiliate Disclosure: By buying the products we recommend, you help keep the site alive. Read more.

Whatsapp Pinterest