Google has announced a new verified email credential for Android, accessible via the Android's Digital/W3C Digital credential API. Instead of relying on OTPs or magic links, developers can now retrieve a cryptographically verified email address directly from a user's Google Account through a native bottom-sheet UI requiring just one tap. The feature covers three main use cases: sign-up, account recovery, and re-authentication for sensitive actions. Only consumer Google accounts are supported currently, and the API is issuer-agnostic by design. Google recommends pairing verified email retrieval with passkey creation for a fully frictionless onboarding flow.
Table of contents
The Problem: Authentication Friction in the Modern EraThe Solution: Seamless, Verified EmailUser ExperienceUse case 1. Sign upUse case 2. Account recoveryUse case 3. Re-authentication for sensitive actionsImportant ConsiderationsConclusion and Next stepsSort: