Face ID and Touch ID Logins Coming to Websites With Safari Web Authentication API - MacRumorsOpen MenuShow RoundupsShow Forums menuVisit ForumsOpen Sidebar
Skip to Content

Face ID and Touch ID Logins Coming to Websites With Safari Web Authentication API

by

Apple allows Touch ID and Face ID to be used in lieu of a password to access sensitive apps like those for banking or password management, and in the future, ‌Face ID‌ and ‌Touch ID‌ will also be able to be used for authentication purposes when logging into a website.

faceidwebsites
Apple outlines the feature in a WWDC20 engineering session called "Meet ‌Face ID‌ and ‌Touch ID‌ for the web," which covers how web developers can use ‌Face ID‌ and ‌Touch ID‌ on their websites with the Web Authentication API.

An initial login on a website that supports the feature will require a username, passcode, and two-factor authentication code to be entered, but after that, ‌Face ID‌ or ‌Touch ID‌ can handle the login process. Signing in this way will require users to click on the sign in button, after which Safari will ask for confirmation. With the confirmation, a ‌Face ID‌ (or ‌Touch ID‌) scan is done, and the user is able to log in.

Apple says ‌Face ID‌ and ‌Touch ID‌ authentication is beneficial because it's frictionless, simple, and secure. The online session described it as "phishing resistant."

But more importantly, it is Phishing-resistant. Safari will only allow public credentials created by this API to be used within the Web site they were created, and the credential can never be exported out from the authenticater they were created in as well. This means that once a public credential has been provisioned, there is no way for a user to accidentally divulge it to another party. Cool right?! This is the overview of the Web Authentication standard.

Additional detail about the feature, including instructions on how web developers can enable it, can be found in the full video along with the accompanying resources.

Popular Stories

macOS 27 on MacBook Pro

Apple Says macOS 27 Won't Be Compatible With These Macs

Wednesday June 3, 2026 8:29 am PDT by
During WWDC 2025, Apple revealed that macOS 26 Tahoe would be the final major macOS version for Intel-based Macs. macOS 27 will be compatible with Apple silicon Macs only, meaning that you will need a Mac with an M-series chip or a MacBook Neo with an A18 Pro chip in order to install the software update. Apple will unveil macOS 27 during its WWDC 2026 keynote this Monday, June 8, and the...
Read Full Article90 comments
MacBook Neo on Yellow Feature

MacBook Neo is So Popular That Apple Reportedly Doubled Production

Wednesday June 3, 2026 9:24 am PDT by
On an earnings call in late April, Apple's CEO Tim Cook said that customer response to the MacBook Neo was "off the charts," and the popularity of the laptop has reportedly led the company to significantly boost production. Apple supply chain analyst Ming-Chi Kuo this week said he believes that MacBook Neo shipments to Apple were doubled from an initial target of 5 million units to 10...
Read Full Article114 comments
iphone 18 pro blue%402x

iPhone 18 Pro: Dark Cherry, Light Blue, and Dark Gray Chassis Leaked [Update]

Thursday June 4, 2026 5:18 am PDT by
Update: Since publication, new information has come to light suggesting the images have been AI-manipulated and are not in fact iPhone 18 Pro chassis parts. The original article follows. The color options Apple is reportedly planning for the upcoming iPhone 18 Pro and ‌iPhone 18 Pro‌ Max have appeared online today in the form of images of chassis parts of unknown authenticity....
Read Full Article74 comments

Top Rated Comments

swm Avatar
swm
78 months ago
i see the future, where the password manager app developers protest for a senate hearing about apple's monopolistic business practices
Score: 12 Votes (Like | Disagree)
K
konqerror
78 months ago

What if you have a non Apple device in your family of Apple devices?
You can’t very easily login there. I hope Apple will work with IEEE to set a standard for this so everyone can participate.
This is already a standard, called FIDO2. If you have non-Apple devices, sites allow multiple keys, or simply forget this and use an external USB/NFC/Bluetooth key.


I don’t really see how this is much more convienient that just using FaceID to grant access to the keychain?
One: it is phising-resistant, two: if the data was intercepted or the other side has a database leak, the information is worthless since it cannot be used for future logins.
Score: 5 Votes (Like | Disagree)
K
konqerror
78 months ago

I know FIDO2, that’s different. It’s basically a hardware token system. It’s not compatible with Sign In with Apple, which is SSO via Apple.
Did you read the article? It's saying that Apple platforms will act as a built-in FIDO2 authenticator; something that Windows and Android already do today.

Exactly like Microsoft did, they implemented FIDO2 locked to their own site first, and are now expanding it to other sites.
Score: 4 Votes (Like | Disagree)
ArtOfWarfare Avatar
ArtOfWarfare
78 months ago

so I believe Sign In with Apple creates/connects an account with your Apple ID

This is basically a faster FaceID/TouchArcade reauthentication for your existing accounts.

The video demos it.

arn
TouchArcade 🤣🤣🤣
I assume autocorrect strikes again.
Score: 4 Votes (Like | Disagree)
K
konqerror
78 months ago

It's hard to know how this will work. Currently websites save cookies to keep track of you and your logins. If sounds like if you have logged in to a website it will save the (let me always log in to this website without re-authenticating) cookie and just add faceid as a double-check method. For me I would rather not be continuously logged in to a website. This also wouldn't work for Private mode. I am also often logging in with multiple accounts so this would not help as much.
Microsoft has this fully implemented today. All that has changed is the sign in screen where it asks you for your e-mail now has a link that says "Sign in with Windows Hello or a security key". You click that, authenticate via fingerprint, face recognition, or PIN. It asks you whether you want to save the sign-in, you hit yes/no, and then you're signed in.

In private mode, you're only allowed to use an external security key, but it works otherwise. You can have multiple accounts provisioned as well, it displays a list of possible accounts to use.
Score: 3 Votes (Like | Disagree)
dwaltwhit Avatar
dwaltwhit
78 months ago
I can’t wait til we don’t even use passwords anymore
Score: 3 Votes (Like | Disagree)
Read All Comments