Biometric authentication systems often rely on centralized servers for processing and storage of biometric data, raising privacy and security concerns. This paper presents WebBioAuth, a browser-native multimodal biometric authentication framework that performs face recognition and speaker verification entirely on the client device without transmitting biometric data to external servers. The system integrates lightweight models including YOLOv8-nano for face detection, MobileFaceNet for facial embeddings, and MFCC-GMM for speaker verification.We introduce Quality-Aware Adaptive Fusion (QAAF), which dynamically adjusts modality weights based on input quality to improve authentication reliability. Biometric templates are protected using cancelable random projection transformations and encrypted local storage.Experiments on the WebBioAuth dataset demonstrate that the proposed system achieves 95.2\% accuracy with 4.8\% EER while maintaining sub-500 ms inference latency across multiple browsers, showing that privacy-preserving biometric authentication can be implemented directly within web browsers.