The 3 Best Two-Factor Authentication Apps of 2024 | Reviews by Wirecutter



android user authentication :: Article Creator

Android App Authentication Just Got Simpler With Credential Manager

Android developers now have a better way to authenticate users using the new Credential Manager. 

Credential Manager is a Jetpack API that brings together various sign-in methods into a single API, which will make it easier for users to become authenticated, regardless of their preferred sign-in method. 

According to the Android team, the simplification provided by Credential Manager will enable users to sign-in without worrying about the underlying authentication technology. 

These days, users are often dealing with multiple sign-in methods, with some of those being parallel ways to get into an account. 

Credential Manager aggregates all of the possible sign-in methods while at the same time deduplicating entries for the account. 

In addition to normal sign-on methods like the standard username and password, Credential Manager supports passkeys, which Google has been working to expand support for. The company first introduced support for passkeys for Android and Chrome at the end of last year. 

"Passkeys are a significantly safer replacement for passwords and other phishable authentication factors. They cannot be reused, don't leak in server breaches, and protect users from phishing attacks. Passkeys are built on industry standards and work across different operating systems and browser ecosystems, and can be used for both websites and apps," the Android development team wrote in a blog post at the time. 

The Android development team is currently working to bring support for integrating Credential Manager with third-party password managers.


Mastercard Turns To Biometrics For Passwordless Authentication

As passkey use continues to grow more widespread, Mastercard announces its passkey service, while X also announces passkey support. Android phone users can enable the security key feature on their phones to confirm when they are logging into Chrome.

Mastercard launches biometric authentication via passkeys

Mastercard has launched the Biometric Authentication Service, its passkey offering in line with FIDO standards. The service is designed to replace multi-factor authentication options that are less secure and cause friction.

Mastercard's service uses the biometric systems already built into users' phones and laptops. It allows them to use their face or fingerprint to login to their accounts and make purchases more easily. The feature supports all card brands and other forms of payment. Merchants and financial institutions, says Mastercard, can expect to see reduced costs and improved customer experience.

The service could streamline scenarios such as when a customer makes a unique purchase that would typically trigger multi-factor authentication. Instead, the user would authenticate with their face or fingerprint. Merchants could also enable passkeys on all regular purchases to improve security without creating friction.

X announces passkey support

X has announced passkey support, according to TechCrunch. The feature can help combat recent high-profile account hacks, such as when a bad actor hacked the U.S. Securities and Exchange Commission's X account to share a post claiming the SEC had granted approval for Bitcoin ETFs.

Currently only available on X for iOS, users can set up the passkey feature by logging into the app and navigating through "your account," "settings and privacy," "security and account access," to "security." Under "additional password protection," click "passkey," enter the password, select "add a passkey" and then follow the prompts.

Users can go to the passkey page to delete passkeys as needed.

X removed SMS two-factor authentication for non-paying accounts when Elon Musk took ownership of the app, rebranding it from Twitter

Android users can turn phone into a security key for Chrome

A ZDNet article explains how Android users can turn their phone into a security key for logging on to Chrome browser. With security keys, users attempting to login to Google automatically receive a pop-up on their phone asking to verify the login attempt. The feature only secures the Google account itself. Those who use two-factor authentication for Google products on Android are already using the feature.

To add the security key, users must have the latest version of the Chrome browser and the phone linked to their Google account. Two-factor authentication must also already be set up. Then, open Chrome on the desktop, go to the "Privacy and Security" page in "Settings," and click "Manage Security Keys." Users can add PINs for physical security keys in this section, as well.

Open Chrome on mobile and go to myaccount.Google.Com/security. In the "How you sign in to Google" section tap 2-Step Verification. Then go to the Security Key entry page, tap Add Security Key, select the phone and tap add.

Article Topics

Androidbiometric authenticationbiometricsMastercardpasskeyspasswordless authenticationX (twitter)


WhatsApp Might Finally Introduce Passkey Support For IOS Users

Last year, WhatsApp introduced passkey support for Android users, leaving iOS users feeling left out. However, new indications suggest that this is about to change, as passkeys are reportedly coming to the app on iPhones and iPads.

According to WABetainfo, the go-to source for WhatsApp reports, the latest beta iOS 24.2.10.73 update available on the TestFlight app reveals that Meta is working on adding passkey support for iOS users. The screenshot indicates the development of a new section where users will be able to create their passkeys in a future app update.

Image Credit–WABetaInfo - WhatsApp might finally introduce passkey support for iOS users

Image Credit–WABetaInfo - WhatsApp might finally introduce passkey support for iOS users

Image Credit–WABetaInfo

Creating a passkey allows users to pass the 6-digit login code for account access. This feature enhances security and convenience, as users can use their existing authentication methods like Touch ID, Face ID, or the device passcode.

iOS users, starting with iOS 16, can use passkeys with Face ID or Touch ID, offering a more secure alternative to passwords. Passkeys involve the generation of both a public and private key. The public one is saved on the platform you want to create a passkey for, while the private key is stored securely on your device.

When you want to log in, your device will verify your identity using the public key. This authentication method seamlessly works across devices signed into the same iCloud account.

The WhatsApp passkey feature for iOS is still in development and is expected to be available in a future app update.

Passkeys are becoming more common across various services. Recently, X (formerly Twitter) introduced passkey support for its iOS users, and last year, Google made passkeys the default sign-in method for personal accounts, aiming to establish them as the new standard for authentication.






Comments

Popular Posts

Signal, WhatsApp and Telegram: All the major security differences between messaging apps - CNET

VPN browser extensions: Why you shouldn't use then - Tech Advisor

Police Target Criminal Users of Sky ECC Cryptophone Service - BankInfoSecurity.com