Google on Monday announced that it is rolling out a new feature that will enable Android device owners to use either the fingerprint scanners on their phones or their PIN unlock code, instead of passwords, to authenticate their Google accounts. The feature has just started rolling out on Pixel devices and is slated to hit all Android 7+ devices over the next few days.
According to Google, the new feature built on the FIDO2, W3C WebAuthn and FIDO CTAP standards that have been developed to help reduce the dependency on passwords. The main benefit of using FIDO2 instead of native fingerprint APIs on Android is that unlike the latter, the former allows the same fingerprints to be used both on the web as well as on apps, which means a user only has to register their fingerprint with a service once for it to work across all its apps and services.
In light of all the privacy concerns surrounding big tech, Google looked to reassure users by clarifying that the fingerprints used during the verification process is never sent to its servers. “It is securely stored on your device, and only a cryptographic proof that you’ve correctly scanned it is sent to Google’s servers”, said the company.
Do note that the password-less sign-in functionality is only available for certain Google Services, so in case you want to try it out for yourself, you can do so by signing into the Chrome browser on your Android phone, navigating to https://passwords.google.com and following the detailed instructions from there.