FIDO2: Passwordless Authentication with B4J and BANano

It has been a hell of a week, but I finally succeeded in implementing FIDO2 Passwordless Authentication in B4J.

Passwordless authentication is an authentication method in which a user can log in to a computer system without entering a password or any other knowledge-based secret. You may have heard about it in the news in the last few weeks: Google, Apple and Microsoft will start using this.

This implementation lets you log in on a BANano Website with e.g. a fingerprint!

Server Side: a B4J jServer (BANanoServer) to handle the 12-step authentication process using WebAuthn.
Client Side: a BANano WebApp using the Web Authentication API.

The process is very easy for the user (note that nothing needs to be installed on the phone):

1. Register once

Pick your phone for example (this option requires both your PC and Mobile phone to have Bluetooth enabled):


On your phone, a notification comes up. You open it and you are asked to identify with your fingerprint (I'm not allowed to take a screenshot, but it looks something like this).


You can also e.g. use your phone's unlock PIN. Once you have identified yourself, the WebPage shows you are registered and gives you a Recovery Token in case e.g. you have a new phone:


2. From now on, I can always log in on my WebApp with just my fingerprint. The procedure is the same: press login -> pick phone (or a USB key) -> identify with fingerprint -> and I'm logged in.


This is truly amazing technology! It was hard to implement, as the documentation is still very rudimentary and technical, so this was quite the challenge. But it works with B4J!

Very happy!

Alwaysbusy
 