The internet was not designed with security in mind, but new standards are helping to ensure that users can continue to safely and easily interact with it. A standard called FIDO2 WebAuthN allows users to login to their accounts online using their biometrics, mobile devices, or FIDO security keys — and with much higher security over passwords alone. Andrey Ovcharov, a hobbyist electrical engineer, is working on implementing a custom FIDO2 Authenticator with his hardware project URU Key.
URU Key is a standalone wireless biometric WebAuthN authenticator about the size of a small flash drive. It features a GROW R300 fingerprint scanner, ESP32 microcontroller for wireless data transfer, ATECC508A security chip, and a few LEDs for user feedback. Ovcharov is designing URU Key to easily interact with WebAuthN web applications so the user can power on their URUKey and scan a registered fingerprint to authenticate themselves instead of using their mobile device.
Ovcharov has been working on URU Key, which he derived from "You-Are-You," for about six months now and is currently deciding on power options for his board. Check out his continuing progress by following his project page!