Security Experts:

Autofill Through Biometric Authentication Coming to Chrome

Google this week announced a series of security and ease-of-use improvements for the Autofill feature in Chrome.

Designed to help users fill in forms in a secure manner, everywhere on the web, Autofill is about to become more secure when it comes to credit card numbers, Google says.

For those users who save credit cards in their Google Accounts, Chrome typically asks for confirmation when autofilling a form.

Until now, users needed to provide their CVC to confirm they allow the operation, but moving forth biometric authentication, such as a fingerprint, can be used for confirmation.

Thus, users will need to provide the CVC only the first time they use the credit card, while for the following transactions the credit card will be confirmed solely through biometrics.

“Biometric authentication is optional. You can choose to confirm your card with its CVC and you can also turn this feature on and off in Chrome Settings at any time,” Google explains.

The Internet giant also explains that Chrome leverages the W3C standard WebAuthn to ensure that users are securely enrolled for biometric authentication and that users should rest assured that their data is safe.

“Biometric information never leaves your device,” the company says.

The feature has been rolled out to Windows and Mac and is expected to arrive on Chrome for Android in the coming weeks.

Another feature coming to the Android version of the browser is new touch-to-fill functionality for passwords. Thus, Chrome’s password manager will automatically present the saved accounts for the accessed website, for increased convenience.

“It allows for one-handed sign-in without requiring you to scroll to the respective form fields to choose an account,” Google says.

Using a password manager such as the one integrated in Chrome should also help users avoid phishing attacks, as the technology suggests sign-in options for legitimate sites only, but not for phishing pages.

Related: Chrome 84 Brings 38 Security Patches, Resumes CSRF Protection Rollout

Related: Cisco Discloses Details of Chrome, Firefox Vulnerabilities

Related: Tens of Malicious Chrome Extensions Used in Global Surveillance Campaign

view counter