W3C home > Mailing lists > Public > public-webauthn@w3.org > October 2017

Re: [webauthn] Feature request: Add API for android finger print reader

From: Marc Bornträger via GitHub <sysbot+gh@w3.org>
Date: Mon, 23 Oct 2017 08:39:52 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-338587979-1508747991-sysbot+gh@w3.org>
@emlun thanks for your input. I’m happy I finally found the right place 😄
I think you misunderstood my use case. I neither want to rely on fingerprints alone nor should they be sent to the server. On registration the server will only communicate with encrypted data (based on the fingerprint data) with the client. On this basis the actual fingerprint data never leaves the client.  I also think the fingerprint should never be stored on the server itself.

I like the idea from @jyasskin. Are there possibilities where it matters how the client was securerly authenticated? Or is any other auth way as good as fingerprint?

I just see the benefit of usability of fingerprint/face recognition. Think it’s definitely worth mentioning somewhere 


-- 
GitHub Notification of comment by BorntraegerMarc
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/659#issuecomment-338587979 using your GitHub account
Received on Monday, 23 October 2017 08:40:00 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:29 UTC