iOS 14.5 enables an important function for browsers from other manufacturers: The WebAuthn (Web Authentication) standard, which enables passwordless login, is to be supported by all iPhone and iPad browsers from now on – instead of being limited to Apple’s Safari. In terms of the substructure, all third-party browsers in iOS are the same, they must use Apple’s WebKit engine. Certain functions are sometimes reserved for the pre-installed Safari.
Chrome & Co mit WebAuthn-Support
Browsers such as Google Chrome or Firefox become FIDO2-enabled on the iPhone and iPad: Apple supports both external hardware security keys and the login service (“Platform Authenticator”) built into the device for passwordless authentication of web services, as confirmed by a WebKit developer on Twitter. The new feature is not recorded in the release notes of Safari 14.1. Demo pages for the WebAuthn specifications such as webauth.io work accordingly from iOS 14.5 in Chrome, Firefox, Edge and other browsers instead of displaying an error message.
Whether Apple will limit WebAuthn support to specially controlled browsers, which can also be set up as standard browsers on iPhones and iPads, remains unclear for the time being.
Long FIDO hesitation at Apple
Apple has long been a laggard in helping FIDO2. It has only been possible to use WebAuthn on iPhones and iPads since iOS 13.3 was released a year and a half ago. However, Apple has been a member of the FIDO alliance since spring 2020 and has been rapidly expanding support since then and also allows registration via the registration service built into the device instead of using a security key. To protect against misuse, the biometric functions Face ID (face recognition) and Touch ID (fingerprint) integrated in Apple devices are used; they are supposed to allow convenient login on the web.