It has been a hell of a week, but I finally succeeded in implementing FIDO2 Passwordless Authentication in B4J ?
Passwordless authentication is an authentication method in which a user can log in to a computer system without the entering a password or any other knowledge-based secret. You may have heard about it the last weeks in the news that Google, Apple and Microsoft will start using this.
This implementation lets you login on a BANano Website with e.g. a fingerprint!
Server Side: a B4J jServer (BANanoServer) to handle the 12 step authentication process using Webauthn.
Client Side: a BANano WebApp using the Web Authentication API
Pick your phone for example (this option requires both your PC and Mobile phone to have Bluetooth enabled):
On your phone, a notification comes up. You open it and you are asked to identify with your fingerprint (I'm not allowed to take a screenshot, but it looks something similar like this)
You can also e.g. use your phones unlock PIN. Once you identified, the WebPage shows you are registered and gives you a Recovery Token in case e.g. you have a new phone:
2. From now on, I can always login on my WebApp with just my finger print. Procedure is the same, press login -> pick phone (or a USB key) -> identify with fingerprint -> and I'm logged in.
This is truly amazing technology! It was hard to implement, as the documentation is still very rudimentary and technical so this was quite the challenge. But it works with B4J!
Very Happy !
Alwaysbusy
Passwordless authentication is an authentication method in which a user can log in to a computer system without the entering a password or any other knowledge-based secret. You may have heard about it the last weeks in the news that Google, Apple and Microsoft will start using this.
This implementation lets you login on a BANano Website with e.g. a fingerprint!
Server Side: a B4J jServer (BANanoServer) to handle the 12 step authentication process using Webauthn.
Client Side: a BANano WebApp using the Web Authentication API
The process is very easy for the user (note that nothing needs to be installed on the phone):
1. Register oncePick your phone for example (this option requires both your PC and Mobile phone to have Bluetooth enabled):
On your phone, a notification comes up. You open it and you are asked to identify with your fingerprint (I'm not allowed to take a screenshot, but it looks something similar like this)
You can also e.g. use your phones unlock PIN. Once you identified, the WebPage shows you are registered and gives you a Recovery Token in case e.g. you have a new phone:
2. From now on, I can always login on my WebApp with just my finger print. Procedure is the same, press login -> pick phone (or a USB key) -> identify with fingerprint -> and I'm logged in.
This is truly amazing technology! It was hard to implement, as the documentation is still very rudimentary and technical so this was quite the challenge. But it works with B4J!
Very Happy !
Alwaysbusy
Last edited: