Skip to main content

Safari is about to have a huge security advantage over Google Chrome

 

If you use an iPhone or an iPad, you’ve been able to launch your favorite banking app and authenticate using your biometrics in lieu of a password since Touch ID’s debut, and now Apple is looking to expand password-less logins to websites. At the Worldwide Developers Conference, Apple informed developers that Safari 14 will bring Face ID and Touch ID to websites that support Fast Identity Online (FIDO) logins on iOS, iPad OS, and macOS.

Recommended Videos

The feature, based on Web Authentication and implemented by Apple as Platform Authenticator, is expected to arrive by the end of the year and will debut with iOS 14 and macOS Big Sur, the Mac-maker stated.

Apple revealed the new FIDO-based login in the release notes for Safari 14 beta. The company stated that it had “added a Web Authentication platform authenticator using Face ID or Touch ID, depending on which capability is present.” Essentially, Apple combines your Face ID or Touch ID with credentials that are stored on the device’s secure enclave.

This leads to multifactor authentication in just a single step, Apple WebKit engineer Jiewen Tan said.

mbile trends FaceID
Elijah Nouvelage/Getty Images

Biometric login on Safari websites will work in a similar way to how Sign in with Apple works. When you visit a compatible site that supports FIDO authentication, you’ll need to initially log in by entering your username and password for the initial visit. On subsequent visits, you’ll be greeted with a pop-up asking if you want to use your fingerprint or face to log in. The feature is built using the FIDO 2 standard, as Apple had joined the alliance earlier this year.

Unlike saved iCloud keychain passwords under the current version of iOS, for example, that auto-fills your username and password saved on iCloud, password-less FIDO logins will allow users to directly log onto the website using biometric authentication without the username and password being entered into the respective fields on the web page. The new system will make accounts more secure, as it won’t be tied to your username or password. And while websites that present high-security content may ask you to re-sign in with your physical username and password every so often, FIDO’s biometric logins don’t come with the same restrictions.

“But more importantly, it is Phishing-resistant,” Apple told developers during a WWDC 2020 engineering session, according to a MacRumors report. “Safari will only allow public credentials created by this API to be used within the web site they were created, and the credential can never be exported out from the authenticator they were created in as well. This means that once a public credential has been provisioned, there is no way for a user to accidentally divulge it to another party. Cool right?! This is the overview of the Web Authentication standard.”

Chuong Nguyen
Silicon Valley-based technology reporter and Giants baseball fan who splits his time between Northern California and Southern…
The new Reachy Mini robot can let kids turn play into innovation
The Reachy Mini robot.

The Reachy Mini is an exciting new desktop robot aimed primarily at developers, educators, students, and enthusiasts, or basically anyone interested in creative coding.

There are actually two of them -- Reachy Mini Lite ($299) and Reachy Mini Wireless ($449) -- and both were developed by the prominent AI platform Hugging Face following its recent acquisition of Pollen Robotics. 

Read more
If you’re itching for an HP OMEN MAX gaming laptop, this deal will save you $500
The HP Omen Max gaming laptop with Valorant on the screen.

We've recently published a stunningly positive review of the HP OMEN Max 16. It's got a list of "Pros" a mile long. The single, obligatory con is "Thick and heavy." Considering that it's a gaming laptop, that's practically the equivalent of saying a flashlight is too bright to look at. Thick, and a bit heavy, just comes with the territory. All of this is to say that the review was great and we're fans of the HP OMEN Max 16. As a deal hunter it made me want to go and see if I could find a deal on the HP OMEN Max 16 and I did, sort of. Right now you can get a customizable HP OMEN Max 16t — a laptop that, if it didn't have a separate store page, I would think is identical to the one we reviewed — with a $500 discount, no matter what settings you choose. With the base settings of the laptop, that discount brings it from $2,100 to just $1,600, but you're free to upgrade to your heart's content. Tap the button below to start customizing to your whimsy or keep reading for some advice on how to do so and what to expect from the 16t.

Buy Now

Read more
Google’s AI agent ‘Big Sleep’ just stopped a cyberattack before it started
Sundar Pichai

Google's AI agent, dubbed Big Sleep, has achieved a cybersecurity milestone by detecting and blocking an imminent exploit in the wild—marking the first time an AI has proactively foiled a cyber threat. Developed by Google DeepMind and Project Zero, Big Sleep identified a critical vulnerability in SQLite (CVE-2025-6965), an open-source database engine, that was on the verge of being exploited by malicious actors, allowing Google to patch it before damage occurred. “We believe this is the first time an AI agent has been used to directly foil efforts to exploit a vulnerability in the wild,” the company said.

Why it matters: As cyberattacks surge—costing businesses trillions annually—this breakthrough shifts defense from reactive patching to AI-driven prediction and prevention. It gives security teams a powerful new tool to stay ahead of hackers, potentially saving devices and data worldwide. CEO Sundar Pichai called it "a first for an AI agent—definitely not the last" according to Live Mint.

Read more