Google has announced the rollout of ‘Passkeys,’ which it describes as “the easiest and most secure way to sign-in to apps and websites” and a major step toward a “passwordless future.”
Working Toward A Passwordless Future : FIDO & Passkeys
Passkeys comes out of the work that Google’s been doing with the FIDO Alliance, an open industry association, formed in February 2013, to develop and promote authentication standards to “help reduce the world’s over-reliance on passwords”. ‘FIDO’ (Fast IDentity Online) sign-in credentials refer to a set of open and scalable authentication standards that aim to reduce reliance on passwords and enhance the security of online services.
Also, in May last year, Apple, Google and Microsoft announced that they were joining forces to support a common passwordless sign-in standard to allow websites and apps to offer consistent, secure, and easy sign-ins across devices and platforms. At the time, the joining of forces between the tech giants enabled users to automatically access their FIDO sign-in credentials (also known as a “passkey”) on many of their devices, even new ones, without having to re-enrol every account and employ FIDO authentication on their mobile device to sign-in to an app or website on a nearby device, regardless of the OS platform or browser.
Passkeys
Passkeys are the latest step in the passwordless sign-in journey and offer users a way to sign-in to apps and sites the same way they unlock their devices: with a fingerprint, a face scan, or a screen lock PIN. Although passwords and 2-Step Verification (2SV) will still work for Google Accounts, Google says that Passkeys are available for Google Accounts today and can be easily set up by visiting g.co/passkeys.
Advantages
There are several key advantages of passwordless sign-ins over traditional password-based authentication methods, which are:
What Does This Mean For Your Business?
Finding solutions to keep one step ahead of cybercriminals whilst maintaining or increasing convenience for users, avoiding the damage caused by data breaches whilst staying competitive and increasing user engagement and retention, is an ongoing challenge for big tech companies like Google. The passwordless future has been a vision for some time and the expansion of the FIDO Alliance standards and Apple, Google and Microsoft joining forces have accelerated the steps to date, and the introduction of Passkeys. As outlined above, there are many advantages to not relying on passwords, not least the increased security and convenience, although, as Google acknowledges, the change to Passkeys will take time and passwords and 2SV will still work for Google Accounts. For businesses in today’s digital world, any extra security is welcomed, and Passkeys have the potential to help with customer retention by making it easier to login to apps and websites. For Google, Microsoft, and Apple, having shared standards that they’ve developed that are widely used also simplifies things, will reduce costs going forward, and is another way to help them retain their powerful market positions.