May 13, 2022
The trio agree to implement FIDO standards on secure authentication technologies for sign-ins.
Apple, Google and Microsoft have all affirmed their intentions to get rid of passwords – by adopting standards designed to make sign-ins both easy and secure.
The tech giants pledged its support to a common passwordless sign-in standard created by the FIDO Alliance and the World Wide Web Consortium that gives platforms the ability to offer an end-to-end passwordless option.
Users sign in through the same action that they take multiple times each day to unlock their devices, such as a simple verification of their fingerprint or face, or a device PIN.
The tech trio argues that this approach protects against phishing and makes signing in “radically more secure when compared to passwords and legacy multi-factor technologies such as one-time passcodes sent over SMS.”
The tech giants are among those supporting the FIDO (Fast IDentity Online) Alliance, which was formed in July 2012 to address the lack of interoperability among strong authentication technologies.
FIDO has since gone on to create standards that define mechanisms that reduce reliance on passwords.
While the likes of Apple and Microsoft adopted passwordless sign-in, previous implementations required users to sign in to each website or app with each device before they can use passwordless functionality.
This announcement will see users of their tech given the ability to automatically access their FIDO sign-in credentials without having to re-enroll every account.
Mobile device owners will also be able to use FIDO authentication to sign in to an app or website on a nearby device, regardless of the OS platform or browser they are running.
Apple, Google and Microsoft will be adopting such systems later this year.
"Working with the industry to establish new, more secure sign-in methods that offer better protection and eliminate the vulnerabilities of passwords is central to our commitment to building products that offer maximum security and a transparent user experience — all [to keep] users' personal information safe,” said Kurt Knight, Apple’s senior director of platform product marketing.
Apple has made use of passwordless sign-in features since 2013 when the iPhone 5S debuted Touch ID, an electronic fingerprint recognition feature that allowed users to unlock devices using their fingerprints.
For unlocking devices, Touch ID would later be phased out when Apple removed the home button from its iPhone and iPads. Replacing it was Face ID, which uses an infrared flood illuminator and dot projector to detect a user’s face.
The tech was initially released on the iPhone X in November 2017 but has since been made available on most iPhone and iPad Pro models.
The tech underlying Face ID originates from infrared depth perception technology developed by PrimeSense, one of the developers behind the Kinect motion sensor for the Xbox console. Apple would go on to acquire PrimeSense in 2013 after Microsoft opted to dial back on Kinect following poor retail reception.
According to Apple, the Face ID system has a built-in feature that purportedly deactivates Face ID should unauthorized scanning components added to the device be detected.
Touch ID would later be incorporated onto keyboards for some Apple Mac devices, last appearing in 2021’s MacBook Pro line.
Microsoft beat Apple to the punch when it comes to using user faces to unlock devices. In 2015, it launched Windows Hello, a biometric authentication system to sign in on Windows 10. Hello can also be used for fingerprints. To use Hello, users require infrared cameras, like Intel’s Real Sense range or a USB fingerprint reader like the Eikon Mini.
“The complete shift to a passwordless world will begin with consumers making it a natural part of their lives. Any viable solution must be safer, easier, and faster than the passwords and legacy multi-factor authentication methods used today,” said Alex Simons, corporate VP for identity program management at Microsoft.
"By working together as a community across platforms, we can, at last, achieve this vision and make significant progress toward eliminating passwords.”