How to enable web app U2F via NFC on mobile

Question

If you attempt to login to github on mobile web, it automatically detects that it's a mobile device and lets you authenticate using a NFC key. I cannot find any documentation for implementing NFC 2FA for mobile web, anyone know how this is done?

Thanks, Kevin

Update:

I have found the vocabulary word for this - its "Webauthn" and apparently there is a way for webauthn to use a U2F device that was registered on a desktop web site on a mobile web site using mobile NFC. I've added the tag in the hopes that someone can help.

Answer 1

So First of all remember "WebAuthn is a standard for browsers". It is shipped in all major browsers as an application programming interface (API) that allow users to login into their accounts using roaming authenticators like security keys (USB that support NFC, USB or BLE), platform authenticators like windows Hello,Touch-ID or even it allow users to use screen lock or fingerprint using android OS 7+. WebAuthn supports the following authentication flows:

• First-factor
• Second-factor
• Multi-factor Authentication

Similar question was asked here you can have a look at it.

For android, Google provides FIDO2 API that acts as a webAuthn client and allow developers to register/authenticate users using fingerprint or screenlock.

Link for android fido2 api: https://developers.google.com/identity/fido/android/native-apps

You can get further information by reading the W3C specifications:

https://www.w3.org/TR/webauthn

A gentle introduction to WebAuthn by Yuri Ackermann

https://medium.com/@herrjemand/introduction-to-webauthn-api-5fd1fb46c285

An example from google Codelab for android app + web Application:

https://codelabs.developers.google.com/codelabs/webauthn-reauth/index.html

I hope this helps you, if you any question please let me know.