Web Authentication (WebAuthn)
Web Authentication (WebAuthn) is an open standard that establishes a uniform interface for passwordless authentication to web-based services using Public-Key Cryptography (PKC). A core component of FIDO2, WebAuthn is a joint initiative of the World Wide Web Consortium (W3C) and the FIDO Alliance, a consortium that works to end our overreliance on passwords.
WebAuthn makes use of a website, called the Relying Party, a browser, called the WebAuthn Client, and a FIDO2-compatible authenticator. FIDO2-compatible authenticators can be FIDO U2F hardware tokens or software tokens (on a smartphone), or a Platform Authenticator such as the Android or Windows Hello operating systems.
FIDO2 Certification Badge:
“TLS has brought us a long way in terms of foundational web security. Now, with WebAuthn, we’re entering a whole new phase by making MFA widely available for websites that want to make accessing web services far more secure by more reliably tying the user and device with the activity.”