However, the good news is that if you were hoping for a similar level of protection on the web, it appears that support for Face ID and Touch ID will soon be coming to websites that implement Apple’s Web Authentication API. This means that in the future, you can log into a website on your iOS device and use either Face ID or Touch ID to authenticate yourself.
This will make it faster and easier to log into websites and users won’t need to remember their login details. As it stands, Apple uses iCloud Keychain to help store passwords and can fill that information in on behalf of users whenever they log into a website, but that means that users will need to use iCloud Keychain to store their credentials. Apple also boasts that by using Face ID or Touch ID, it would help prevent phishing.
According to the company, “But more importantly, it is Phishing-resistant. Safari will only allow public credentials created by this API to be used within the Web site they were created, and the credential can never be exported out from the authenticater they were created in as well. This means that once a public credential has been provisioned, there is no way for a user to accidentally divulge it to another party.”