top of page
Blog article

Blog article

Using WebAuthn with the Touch ID on Mac


Testing an early development preview of the Touch ID WebAuthn Platform Authenticator in Chrome Canary

Recently, there has been a lot of buzz surrounding Chrome, Firefox, and Edge’s decision to implement WebAuthn and standardize W3C. Further, WebAuthn can be used through TouchID in Chrome Canary.


This article will cover the installation of Chrome Canary and a sample run of using WebAuthn through Mac’s Touch ID.


Environment Information


・Mac Book Pro with Touch Bar for document creation

・Chrome Canary version 69.0.3468.0 or later


Installing Chrome Canary


Download Chrome Canary from here.

Run the downloaded "googlechrome.dmg."

Drag and drop "Google Chrome Canary.app" into the application


Optionally Launch Chrome Canary


Start a terminal and execute the following commands.

By adding "-enable-fetures=WebAuthenticationTouchId" to the options, Touch ID will be enabled in WebAuthn.


WebAuthn is now ready to be tested through Touch ID at the WebAuthn demo site.


Testing Touch ID through the WebAuthn demo site


Access this demo site.


Select "REGISTER NEW CREDENTIAL" and register credentials.


After making the selection, the user will be asked for Touch ID.

Touch Bar side

Touch it, and credential information will be registered.

The details of the registration information are omitted here.

Next, perform authentication using the credential information.

Select "AUTHENTICATE."

After selecting, the user will be prompted for Touch ID.

Touch Bar side

Touch to successfully authenticate.


This feature is currently limited to Chrome Canary, but it will hopefully be implemented in other browsers in the future.


The next section of this article will focus on a few use cases for these web services.



For this use case, consider the accessing of a web service.


In most cases, users may utilize the Touch ID on their Mac to access these services.


However, they may not always use the same device to access web services.


To combat this, users can register an external device in advance, which can be used to guarantee secure access even in the absence of the original device.


While this concludes this article, please check back here for more of the latest updates.




Comments


bottom of page