FB pixel

What are passkeys, and how do they work?

What are passkeys, and how do they work?
 

Passkeys are a type of authentication credential that uses an individual’s unique personal characteristics or tokens and cryptographic signatures to grant or deny access to secure systems, networks, or physical locations without passwords.

Unlike traditional security systems that rely on passwords, PIN codes, or physical keys, passkeys can use biometric traits like fingerprints, iris patterns, facial recognition, or voice recognition, or other personal characteristics.

Passkeys use the WebAuthn standard for public-key cryptography, developed by the FIDO Alliance and World Wide Web Consortium. They are stored on a personal device, with authentication processed locally, but are meant to work with multiple devices.

Passkeys are unique to each person and cannot be forgotten, lost, or easily stolen like a password or physical key. Biometric passkeys provide an additional layer of security, but they are not the only type of authentication supported by passkeys, which can also be accessed by entering a PIN or pattern.

Authentication can be performed quickly and easily without users needing to remember or enter complex codes or sequences, making passkeys a more convenient and secure option for many applications.

Passkeys also enable users to experience a more seamless experience through cross-device authentication, allowing a user to use a passkey on one device to sign into an account on another device, regardless of the operating system.

There are some aspects of passkeys, such as how they are shared between devices, that may be considered unacceptable to enterprise security administrators. Account recovery through the cloud could also present a point of vulnerability, compared to the rest of the system.

Passkeys are expected to become the standard for both enterprises and consumers in the near future, as they provide a more secure and convenient alternative to traditional password-based authentication systems.

Several tech companies already allow customers to use them as an authentication option, including Google, Apple, and Microsoft.

Article Topics

 |   |   |   | 

Latest Biometrics News

 

Biometrics and injection detection for deepfake defense a rising priority

Biometrics integrations with injection attack detection to defend the latest front in the global battle against fraud, deepfakes, is the…

 

Biometric Update Podcast looks at the road to a global standard for age assurance

Episode 2 of the Biometric Update Podcast is a dispatch from the 2025 Global Age Assurance Standards Summit, held from…

 

WEF launches new DPI initiative focused on emerging tech, including biometrics

Global Digital Public Infrastructure (DPI) initiatives are lagging behind emerging technologies such as AI, which could lead to inefficiencies, bottlenecks…

 

Odds are good for biometrics firms in the global gambling sector

Gambling has always been a vice associated with certain kinds of criminal activity, but the development of the online gambling…

 

New Zealand issues tender for digital ID services accreditation infrastructure

New Zealand’s accredited digital identity services regulator, the Trust Framework Authority (TFA), has published a request for information (RFI) for…

 

Pindrop surpasses $100M in annual recurring revenue, kicks off BU podcast

A release from Atlanta-based voice biometrics firm Pindrop celebrates a milestone: the firm has surpassed US$100 million in Annual Recurring…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Market Analysis

Most Viewed This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events