In the modern digital landscape, a user’s first encounter with an app is often the most important. Yet, for decades, this initial conversation has been hampered by conflicts with traditional verification methods. Today, we are excited to announce a New verified email credential released by Google<\/a>Which developers can now get directly from Android’s Credential Manager Digital Credential API.<\/p>\n The “current era” of authentication is defined by the trade-off between security and convenience. To ensure that the user is the owner of the email address they provided, you typically rely on a one-time password (OTP) or “magic link” sent by email or SMS.<\/p>\n While effective, these traditional steps present significant barriers:<\/p>\n Google now issues cryptographically verified email credentials directly to Android devices. It is delivered via verified email credentials Credential Manager API<\/a>which is the implementation of android W3C’s Digital Credential API<\/a> Standard.<\/p>\n For users, this completely removes the need to manually verify their emails through external channels. For developers, the API securely delivers these verified user claims for any scenario, whether you’re building an account creation flow, recovery process, or high-risk step-up authentication.<\/p>\n While this specific verified email address is obtained securely from their Google account on the user’s device, the underlying digital credential API is issuer-agnostic. This fosters an open ecosystem, allowing any digital credential holder to offer that verification on your app with an email claim.<\/p>\n The beauty of this API lies in its simplicity for the end user. Instead of having to look for an OTP code, the experience is integrated directly into the Android OS:<\/p>\n Speed \u200b\u200bup onboarding by receiving a verified email as soon as the user taps “Sign Up.” We strongly recommend that you combine verified email retrieval with passkey creation, which is also part of the Credential Manager API:<\/p>\n Note: You may also find other unverified fields such as user’s given name, family name, first name, profile picture, and the hosted domain associated with the verified email.<\/em><\/p>\n Eliminate the frustration of users looking for recovery codes in their spam folders by allowing them to recover their account using verified emails stored securely on their device.<\/p>\n <\/p>\n Protect sensitive user actions, such as changing settings or updating profile details, by requiring a quick re-authentication step. Instead of OTP, you can provide low-friction verification using the device’s verified email.<\/p>\n <\/p>\n When you design your authentication architecture around the Digital Credential API, keep the following details in mind:<\/p>\n
<\/span><\/p>\nProblem: Authentication Friction in the Modern Age<\/h2>\n
\n
Solution: seamless, verified email<\/h2>\n
user experience<\/h2>\n
\n
\n
Use Case 1. Sign up<\/h2>\n
![](\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgrkwBoNh5swqed4VY1XpXFkClSeuytxVntwZHc1t33e6_N49ra3ja_C4d9m_kE9GUuA2AvXz7696z08MAop8fcK1Ac69MB9QnQcBc4Qy-VYPwjjksvUEVzvSwvFRPocxWEVUv71EodUFWOMgBDiTI7TDTys7kqKMVHCpi4R-yDpzGkJVJpPx5Im1r2Yqk\/s8419\/Streamline-user-animation-V02%20Blog.png\")
<\/a><\/div>\nUse case 2. Account Recovery<\/h2>\n
<\/a><\/div>\nUse case 3. Re-authentication for sensitive tasks<\/h2>\n
<\/a><\/div>\nimportant ideas<\/h2>\n
\n
\n
Conclusion and next steps<\/h2>\n