Passkeys are a form of authentication technology that provides a more secure sign-in option to apps and websites. Passkeys provide an easier and safer alternative to passwords and are supported by big technology companies like Apple, Microsoft, and Google.
Passkeys leverage FIDO, a global authentication standard, to prove the person signing in through biometrics or a PIN is who they say they are, and the person meant to have access. It is a more modern form of multi-factor authentication (MFA) than solutions that include passwords or OTPs.
How are passkeys used?
Passkey technology relies on the WebAuthn standard and uses cryptographic keys, which enable passwordless authentication for stronger security. The technology operates from the device customers use to authenticate themselves and is managed by the device’s operating system. As a result, there’s no password data or database that fraudsters can intercept, steal, or buy.
Passkeys are designed to securely sync across a user’s devices. Once a passkey is set up, customers can log in quickly and easily with their chosen method of biometric authentication on that device or any other synchronized profile using their passkey. In other words, a passkey created on an app would also work on the web.
Are passkeys safe?
Passkeys utilize secure FIDO authentication cryptography, which offers stronger resistance to fraud like phishing and credential stuffing. They are more secure than passwords as the data is not stored in a database that can be intercepted. Rather, data is stored on the user’s device and is not shared with other service providers.
Can passkeys replace two-factor authentication (2FA)?
Two-factor authentication comprises two separate authentication factors such as a password plus another factor such as a one-time password. However, 2FA is still vulnerable to fraud attacks. Passkeys use secure FIDO credentials, which make the primary factor more secure than a password plus one-time password authentication solution. What’s more, passkeys are more user-friendly, unlike passwords, which can be easily forgotten.