去年9月，苹果发布新款iPhone，当时详细介绍了生物识别安全技术。苹果表示，如果使用iPhone的Touch ID指纹扫描技术，每5万次识别之中可能会失败一次。而如果采用Face ID扫描面部，失败比例会下降到百万分之一。两种方式不管选哪种，都比单单一个密码要强。
Some of the most popular Web browsers are trying to kill your passwords.
Internet standards organizations the FIDO Alliance and W3C have launched a new specification that allows Web browsers and websites to support biometric encryption methods in place of passwords. The specification, called WebAuthn, is an application programming interface (API) that Web developers can integrate into their websites and allow fingerprint readers and even face scanners like Apple’s Face ID to verify a person’s identity.
According to Engadget, which earlier reported on WebAuthn, Firefox already works with the technology. Google’s Chrome and Microsoft Edge are slated to add support for WebAuthn within the next few months. Apple, which operates its Safari browser, has yet to announce support for WebAuthn.
The move could technically create a more secure Internet. As the rash of hacks, scams, and data breaches have shown over the last several years, passwords alone are not necessarily a suitable safeguard for data. Companies have moved to two-factor authentication, which requires users to input a code sent to their smartphones in addition to a password to verify their authenticity, but that still isn’t as secure as biometrics.
At its iPhone unveiling in September last year, Apple talked in detail about biometric security. The company said that its Touch ID fingerprint scanner could be duped in 1 in 50,000 cases. That jumped to 1 in 1 million cases with its Face ID face scanner. Either way, that’s better than a simple password.
Still, passwords aren’t dying anytime soon. While WebAuthn has officially launched, it’s still considered a “recommendation” and could be modified before it becomes a standard. The recommendation paves the way for websites and browsers to support alternatives to passwords, but now the onus is on website owners and browser companies to support it.