Google Chrome web browser has implemented FIDO Alliance authentication standards.
The web browser is strengthening its 2-Step Verification by offering support for Security Key, a FIDO Ready U2F compliant physical USB second factor device that offers better alternative to today’s six digit one-time passcodes (OTP).
Google’s new Security Key solution offers more protection for their users.
Rather than typing a code, the user inserts a Security Key into their computer’s USB port and taps it when prompted in the Google Chrome browser.
When signing into a Google Account this way, users can be assured that their second factor cannot be phished, because Security Key doesn’t provide its cryptographic signature when a fake site is attempting to impersonate a Google sign-in page in Chrome.
Chrome incorporates the open FIDO Universal 2nd Factor (U2F) protocol, so other websites with account login systems can now build support for FIDO U2F into their web applications and instantly enable this experience for their users who run Chrome.
Security Key works with Google Accounts at no charge, and users can buy a compatible USB device directly from any tested and approved FIDO Ready U2F vendor.
“We’re glad to participate in the FIDO Alliance, and to bring FIDO U2F support to Google and to Chrome,” said Sampath Srinivas, product management director at Google and FIDO Alliance board member.
Several FIDO Alliance members are announcing their product lines of FIDO Ready devices that work with Google’s Security Key feature and any future deployments of FIDO U2F authentication. These FIDO Ready devices enable online service providers, enterprises, and users to take advantage of FIDO U2F authentication.