FIDO Alliance has announced that Android is now FIDO2 Certified. This support is available on devices running Android 7.0 or newer and will be enabled automatically through a Google Play Services update.
A FIDO2 certification allows devices to authenticate compatible apps or websites using the security system built into the phone instead of using less reliable and secure username and password systems that can be hacked or phished. A FIDO2 device can authenticate within a compatible or website using the fingerprint sensor or facial recognition system built into their device. As before, this information never leaves your phone and is simply used to authenticate you to the app or website.
FIDO2 is made up of W3C’s Web Authentication specification and Client to Authenticator Protocol (CTAP) from FIDO Alliance. The specification is currently supported by Firefox, Chrome, and Edge and in preview mode on Safari. Website developers will have to add support for it while building their websites, as will native app developers.
As the users, you don’t really have to do anything. As long as your phone supports one of these authentication methods and have a device running Android 7.0 and above, you should be good to go when developers start adding support.