Overview

In April 2018, the World Wide Web Consortium (W3C) advanced the Web Authentication (WebAuthn) standard to the Candidate Recommendation stage.

This standard defines an application programming interface (API) that can be incorporated into browsers to facilitate public key cryptography-based authentication on laptop and desktop devices. Developed in conjunction with the FIDO Alliance, WebAuthn is a core component of the FIDO2 Project.

Notably, this API offers organizations a framework that can completely obviate passwords in customer authentication, although a number of factors, including customer expectations and hardware limitations, render it unlikely that any organization will eliminate passwords in the near future. Under WebAuthn, the site authenticating the user is able to directly interface with the authenticator, with passwords never making an appearance in the process.

Book a Meeting with the Author

Related content

April 21, 2026
2026 Identity Fraud Study: The Illusion of Progress

The Javelin Strategy & Research 2026 Identity Fraud Study provides a comprehensive analysis of fraud trends amid a changing landscape for technology and payments. Its goal is to in...

March 26, 2026
A Line in the Sand for First-Party Fraud: From Identity to Intent

Financial institutions are seeing rising losses from first-party fraud, yet many still struggle to detect it before the damage is done. Traditional controls confirm who the custome...

February 23, 2026
Crypto Investment Scams: How Banks Can Disrupt These Criminal Operations

Cryptocurrency investment scams have evolved into organized, global operations that are stealing billions of dollars from consumers. Recent enforcement actions and platform disrupt...

Make informed decisions in a digital financial world

Let's Connect