On 5th May 2022, which was also World Password Day, FIDO Alliance-an open standards organization founded in 2012 to solve password and phishing problems, made an announcement that may change our login experience completely in the near future. They publicly announced that soon we will be getting rid of passwords forever and the world will move towards a new passwordless method based on their FIDO Login standard.
This announcement was important because their alliance members Microsoft, Google and Apple respectively also announced publicly that they will drive the adoption of the FIDO Passwordless login standard which is also now popularly known as ‘Passkeys’.
If you have seen the clips of WWDC2022 (Apple WorldWide Developer Conference), they also talked about Passkeys and illustrated its capabilities. By going a little deep down in Passkeys, anybody can easily predict that this is completely going to replace the conventional login methods within the next 2-3 years. FIDO Alliance defines Passkeys as a password replacement that provides faster, easier, and more secure sign-ins to websites and apps across a user’s devices. Technology giants such as Apple, Google and Microsoft have worked together as part of the FIDO Alliance to develop the Passkey standard. They made sure to make Passkeys highly secure, cross-platform and user-friendly.
Passkeys use public key cryptography. Public key cryptography reduces the threat of potential data breaches. When a user creates a passkey with a site or application, this generates a public-private key pair on the user's device. Only the public key is stored by the site, but this alone is useless to an attacker. An attacker cannot derive the user's private key from the data stored on the server, which is required to complete authentication.
But enhanced security may not be enough for wider adoption! What about the user experience? Will Passkey make the user experience more cumbersome like multi-factor authentication?
The best part of Passkey implementation is that it is not going to change user behaviour much. Setting the passkey the first time for your account and then logging in with that method is going to be a familiar experience. A passkey can replace a password and a second factor in a single step. The user experience can be as simple as autofilling a password form.That adds a great advantage because that will drive user adoption in no time.
FIDO Alliance has dedicated several years towards the formulation of a passwordless authentication protocol that is highly secure and user-friendly and that’s how Passkey has come to reality. However, there was one significant challenge remaining - smooth and secure synchronization of passkeys and interoperability among devices and operating systems. For wider adoption, it becomes important that a user can sign into services on any device using a passkey, regardless of where the passkey is stored. And that’s where Microsoft, Google and Apple showed commitment to bringing a standard protocol to make sure to cover scenarios like a passkey created on a mobile phone, which can be used to sign in to a website on a separate laptop.This is one of the rare moments when these big companies came in unison to develop something that will work beyond their ecosystem of devices and applications and work across platforms. This itself shows the commitment of the entire technology industry to boost Passkey as a true replacement for passwords.
In the recently concluded conference, Authenticate 2022 in October, we saw companies like Paypal and eBay have adopted Passkeys and raved about it. There is visible excitement and tangible benefits to companies who are adopting passkeys. This is what Doug Bland, SVP and GM, Head of Consumer, PayPal said while launching passkeys.
Launching passkeys for PayPal is foundational to our commitment to offering our customers safe, secure and easy ways to access and manage their daily financial lives. We are excited to provide our customers a more seamless checkout experience that eliminates the risks of weak and reused credentials and removes the frustration of remembering a password. We are making it easier for customers to shop online.
Passkeys are the new standards and adopting in your organization will give you a significant competitive advantage as not only it increases security it also vastly improves customer experience. Trillbit through its product SoundAuth is helping companies to implement Passkeys quickly and saving them tons of money, contact us at firstname.lastname@example.org to know more detail.