# Authenticators

An Authenticator s a cryptographic entity used generate a public key credential and registered by a Relying Party (i.e. an application). This public key is used to authenticate by potentially verifying a user in the form of an authentication assertion and other data.

Authenticators may have additional features such as PIN code or biometric sensors (fingerprint, facial recognition…) that offer user verification.

![USB device with fingerprint reader](https://1118136377-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-LVNwBmzKc-PDhuJq1DT-2537780914%2Fuploads%2Fgit-blob-10ad08d64797b78eb690319c37c7e7b0f179b01c%2Fimages.jpeg?alt=media)

### Physical Authenticators

The authenticator may have different forms. The most common form is a USB device the user plugs into its computer. It can be a paired Bluetooth device or a card with NFC capabilities.

![Webauthn compatible devices](https://1118136377-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-LVNwBmzKc-PDhuJq1DT-2537780914%2Fuploads%2Fgit-blob-64b2450087e4895df6ae36805cb5bc8f992c9f00%2Ffido2.jpeg?alt=media)

### Software-Based Authenticators

The authenticator can also be software based and integrated in an Operating System ; for example the smartphone using Android or a laptop with Windows 10 can act as an authenticator.

![Android screenshot](https://1118136377-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-LVNwBmzKc-PDhuJq1DT-2537780914%2Fuploads%2Fgit-blob-8645abbb67d65bc7798066f3c5b2ff26b1fb7f5d%2Fwebauthn-android-fennec.png?alt=media)