The Google Chrome Android and Android are getting support for passkeys, a new security feature designed to replace traditional passwords, the company revealed.
inside Blog Posts (Opens in a new tab)Google said that users will now be able to create and use passkeys on Android devices, which will be securely synced through Google. Password manager (Opens in a new tab).
On the other hand, developers will be able to integrate passkey support on their sites for end users using Chrome via the WebAuthn API, on Android, and other supported platforms.
Eliminate weak passwords
Those eager to try out the new features will need to sign up for the Google Play Services beta and use Chrome Canary. Google says general availability on stable channels for both features is expected “later this year,” which means we shouldn’t wait too long.
Passkeys were first announced by Apple in the summer of 2021, and were described by the company as “a new way to make the web a safer place,” with weak and recycled passwords being one of the most common causes of data breaches.
Adler explained that passkeys use “strong cryptographic techniques and biometrics built into the device” to keep accounts secure, with users simply needing to use TouchID or FaceID to authenticate a new web app, mobile app or service in order to create a passkey.
Darren Adler introduced the Security Key feature to the world at WWDC 2022, Apple’s Vice President of Internet Technologies, describing passkeys as “more secure, easier-to-use, next-generation credentials intended to replace The password (Opens in a new tab) for good.”
Google appears to share this assessment, with its announcement calling it a “more secure alternative to passwords and other perishable authentication factors.”
The company says that passkeys cannot be reused, do not leak in server breaches, and protect users from phishing attacks. It’s built to industry standards, works across different operating systems and browser systems, and can be used for both websites and apps.
Google’s next milestone in this process is the Android native app programming interface, which is coming later this year. The company added that passkeys generated through the web API “will work seamlessly” with applications within the same domain, indicating that the move is part of a larger transition. The applications’ native API will provide a unified way to allow users to choose between a passkey and a saved password.
“A seamless and familiar user experience for both passwords and passkeys helps users and developers gradually transition to passkeys,” Google concluded.