Brave-browser: [Android] U2F NFC keys not working on Android

Same issue here on OnePlus 6T (Android 9), Brave 1.0.89 / Chromium 73.0.3683.90.
This is quite annoying because if you have only U2F assigned to google account then there is no way you can log in through Brave at all.
However, logging through Chrome works (it uses Google Authenticator for U2F through NFC)

Same here, Google pixel.

Same here, pitty that it cant be used with my nfc u2f fido stick.

Still seeing the same issue here, hopefully it'll be prioritised soon.

Same here (Galaxy S9, Brave 1.0.95, Chromium 74.0.3729.157 on Android 9). Login with Google Chrome with the same version (74.0.3729.157) on the same phone works.

Same issue. Moto G7, Brave 1.0.95, Chromium 74.0.3729.157, Android 9. Chrome U2F works.

Same - One Plus 7 Pro, Brave 1.0.95, Chromium 74.0.3729.157, Android 9

We could provide a FIDO implementation if the Brave team is interested: https://hwsecurity.dev/fido/

Upstream Chromium already supports it, so isn't it a matter of catching up to latest Chromium ?

@mderazon On Android this feature is implemented by starting an authenticator Activity of the Google Play Services. Google Play Services are not part of the open source version. Thus, nope it is not available in the latest Chromium on Android.

Brave depends on Google Play Services in a bunch of ways, and that's not something we're currently looking to get out of.

Is it possible to do a separate/dedicated implementation on brave instead of relying on Google's authentication service?

I have the same problem trying to access with secure key the Playground on https://demo.yubico.com. Seems like neither Google Chrome of Brave supports U2F NFC devices natively. I have tested 7 different Android devices so far, with different set of installed applications. No luck. So I can presume, there is very general problem with U2F that might not be entirely due to the lack of NFC or USB code in the open source version of Chromium. Note that, even in Google Chrome for Android, there is only experimental support for U2F NFC keys and U2F USB keys (it requires Google Authenticator, which is not updated since August 22, 2017!). I don't expect to see in the near future any mobile browser that supports U2F NFC / U2F USB devices natively.

@vessokolev When I tested https://demo.yubico.com with a friend's phone (Oneplus 5, latest OxygenOS, Chrome) it worked. But AFAIK Chrome is currently the only Android browser which supports U2F via NFC. On my custom ROM without GAPPS however, even Chrome fails, I guess because the Play-Store libraries aren't available.

Is there a tracking issue for USB? I can't even get my USB C YubiKey working on latest Android on Pixel 1. U2F over USB works great for me on Linux desktop.

All U2F/WebAuthn is currently broken on Android, and the fix is part of a relatively-substantial refactor.

Multiple +1 from https://community.brave.com/t/u2f-yubikey-nfc-not-working-in-brave-android/83929/5

Not working on my Pixel 3 XL and it's really annoying. I love Brave on Android, but this lack of functionality breaks the browser in significant ways.

+1 from https://community.brave.com/t/signing-in-to-google-with-fido2-key-mobile-browser/88530/2

Brave on Android is still mid-refactor, and it probably won't be finished until the end of the year. Until then, there aren't many options for fixing anything but the showstopperiest bugs.

Is there any news, or way I can help with this? Google has been upping the marketing for their Titan Security Key in the UK this new year and I am now effectively locked out of my Google account on Brave as I can't authenticate using mine.

@jphastings No, there's nothing to be done here until the major refactor is shipping. @anthonypkeane & @SergeyZhukovsky should know the most about the timing for that.

Any update? Having the same issue. Will come back to Brave when its ready.

Is there a workaround for this? I have other 2fa methods (authenticator, push) but it just spins on waiting for my yubikey and never gives me an alternative method. Is there some way to force auth to use a different 2fa method?

Is there a workaround for this? I have other 2fa methods ... Is there some way to force auth to use a different 2fa method?

Depends on the service. Usually there is a button with something like 'try another method'.

This is a major blocker for users of Google Advanced Protection as that mandates a hardware key.

Depends on the service

Oh sorry yeah I mean specifically for google sign-in. It doesn't seem to fall back to other methods, it just tries forever. I still haven't been able to figure out how to sign into google from brave 🤷‍♂.

This is a huge issue for me. I have dozens of 2FA logins setup with no alternative login method, because that would compromise security.
I sure hope no Brave users are setting up an alternative login method just to be able to use Brave.

This is currently a blocker for me for using Brave as my default browser on my phone. To be more specific why - I use Google login on some news sites which I pay for. So without being able to log in to my Google account I cannot access the articles behind the paywall. Is this planned to be fixed? As others mentioned, it is not possible to log in to a Google account with e.g. a Yubikey. I personally don't want to change my Google account setup just because of a bug in my mobile browser.

As an "workaround" you could use vanilla chromium 84.0.xx, when logging to a google account, it skip U2F check and allow you to select another 2FA method. You can download it there : https://chromium.woolyss.com/#android

I know that's not brave but at least it's not google chrome either ...

As an "workaround" you could use vanilla chromium 84.0.xx, when logging to a google account, it skip U2F check and allow you to select another 2FA method. You can download it there : https://chromium.woolyss.com/#android

This defeats the purpose. We WANT to use U2f.

cc: @jumde

I've the same Issues!
Running Brave 1.9.80 /chromium 81.0.40.44.138) on android 10 (H8324 Built 52.1.A.2.1) and i can't login via NFC to accounts.google.com, either i can't skip the screen to use another 2FA.
But with firefox 68.9.0 on the same phone even the U2F with NFC works.

So what is the problem that we can't use it with brave?

With the recent update I can at least switch to a different 2FA auth for the google login. Still no U2F working

Brave 1.10.94, Chromium 83.0.4103.106

I can confirm this is still an issue. Can't use my YubiKey with Brave for Android, even though the current Chrome build has full support for it.

Could we possibly get an official update on whether this is somewhere in the devs' backlog?

Is there any update here?