[4] WebUSB is a set of API calls that enable access to these hardware devices from web pages.
[1] The WebUSB API provides a safe, and developer familiar means of communication to edge devices from web pages.
Early versions of WebUSB came out around as an alternative to Flash, Chrome Serial, and other custom approaches to connecting browsers to hardware.
WebUSB aims to solve the four goals of any interface being; fast to make, cross platform, look good, accessibility.
Devices such as lights, thermometers, HVAC, motors are increasingly integrated into centralised internet control servers.
The WebUSB's API framework standardises disparate protocols and is able to expose non-standard Universal Serial Bus (USB) compatible devices to the web.
[9] WebUSB has formed a cornerstone of the BIPES (Block based Integrated Platform for Embedded Systems) architecture framework.
Connecting such a port to an internet facing application introduced a new set of security risks and massively expanding the attack surface for would be malicious actors.
[1] Other security considerations included created a public registry of approved connections, but this idea was ultimately scrapped as it required vendors to develop devices with WebUSB in mind.
WebUSB in combination with special purpose devices and public identification registries can be used as key piece in an infrastructure scale solution to digital identity on the internet.
The security investment in WebUSB makes it a suitable software component in connecting identifiable devices to the internet.
[1] Recent research has shown the fallibility of SMS based authentication highlighting how key pieces of the infrastructure can be subverted.
[13] Cryptographically secure solutions for personal identification exist with support from government and specialised hardware.
[10][13] A model system for multi-factor authentication uses WebUSB in tandem with an identifying hardware such as an ID card built to ISO/IEC 7810:2003 ID-1[15] standards.
WebUSB would then act as a middle man in facilitating the transfer of data stored on the hardware to a given web server.
For instance in order to instantiate a connection navigator.usb.requestDevice() can only be called through user gesture, such as touch or mouse click.