Passkey
A passkey is a FIDO authentication credential based on public-key cryptography standards developed by the FIDO Alliance, enabling users to sign in to websites and applications without passwords by leveraging their device's built-in unlock methods, such as biometrics (fingerprint or face recognition), PIN, or pattern lock.[1] The foundation of passkeys traces back to the FIDO Alliance, an industry group formed in July 2012 by technology leaders to create open, interoperable standards for reducing reliance on passwords and promoting phishing-resistant authentication.[2] The alliance's first specifications, released in 2014, introduced mechanisms for hardware-based authenticators, but passkeys emerged from the FIDO2 framework, finalized in 2019, which includes the WebAuthn API for web browsers and the Client to Authenticator Protocol (CTAP) for external devices.[3] This evolution aimed to make strong authentication seamless and scalable, addressing vulnerabilities in traditional password systems, with 77% of hacking-related data breaches involving stolen credentials.[4]

Passkeys function through asymmetric cryptography: during registration, a user's device generates a unique public-private key pair, with the private key stored securely in the device's hardware-secured enclave and never leaving the device, while the public key is registered with the relying party (e.g., a website or app).[1] Authentication involves the service sending a random challenge, which the device signs using the private key after the user verifies their identity locally via biometrics or PIN; the signed response proves possession without exposing sensitive data.[5] For cross-device usability, passkeys support syncing across a user's ecosystem (e.g., via iCloud Keychain on Apple devices or Google Password Manager), or they can be device-bound for higher security, with recovery options through multi-device approval or backup codes.[6]

Passkeys provide significant advantages over passwords, including complete resistance to phishing attacks since credentials are scoped to specific domains and cannot be replayed, along with faster sign-in times—up to 82% quicker in some implementations—and success rates 20% higher than password-based methods.[1] Businesses benefit from reduced support costs for password resets, which can account for up to 40% of help desk calls, and lower fraud rates, with some organizations reporting zero phishing incidents after full adoption.[4] Adoption has accelerated since May 2022, when Apple, Google, and Microsoft announced expanded support for a unified passkey standard, enabling seamless experiences across platforms like iOS, Android, Windows, and major browsers.[7] A 2025 FIDO Alliance survey found that 69% of consumers had enabled passkeys on at least one account, with 75% awareness of the technology, while the October 2025 Passkey Index revealed significant uptake among major services like Amazon, Google, and PayPal, including 93% sign-in success rates.[8][9] Growing implementation by services including eBay, PayPal, and Visa for payments signals a shift toward passwordless authentication as the default.
Definition and Fundamentals
Definition
A passkey is a passwordless digital credential designed for secure user authentication to websites and applications, relying on public-key cryptography to enable sign-ins through biometrics, a PIN, or device unlock mechanisms.[1] Unlike traditional passwords, passkeys eliminate the need for users to remember or enter credentials, instead using the inherent security of the user's device for verification.[10] Key characteristics of passkeys include a device-bound private key that remains securely stored on the user's device and never leaves it, ensuring resistance to theft or remote attacks, while the corresponding public key is registered and stored on the service provider's server for authentication challenges.[1] Synced passkeys, facilitated by cloud services from platform providers, allow seamless use across multiple devices without compromising security.[10] The FIDO Alliance plays a central role in defining passkeys as a user-friendly branding for discoverable WebAuthn credentials, promoting their adoption to simplify and strengthen online authentication.[11] Passkeys build on WebAuthn as the underlying web standard to integrate with browsers and platforms.[1]
Comparison to Traditional Authentication
Traditional passwords function as shared secrets between users and services, rendering them highly vulnerable to phishing attacks in which malicious actors deceive users into divulging credentials on impersonated websites.[12] These credentials are also prone to reuse across multiple accounts and exposure in data breaches, which have compromised billions of passwords over the years.[13] Moreover, passwords demand memorization of complex strings or dependence on external managers, imposing a significant usability burden on users.[14] Multi-factor authentication (MFA) addresses some password shortcomings by incorporating additional verification factors, such as one-time passwords (OTPs) delivered via SMS or authenticator apps, yet it fundamentally depends on the password as the primary credential.[15] Despite this enhancement, MFA remains susceptible to phishing and social engineering, where attackers can intercept OTPs or exploit user errors without bidirectional verification between the user and service.[13] Passkeys overcome these limitations by fully replacing passwords with asymmetric key pairs, where the private key stays confined to the user's device and cannot be extracted or shared, while the corresponding public key is registered solely with the intended service.[6] This design confers inherent phishing resistance, as the device's operating system or browser verifies the service's domain before releasing the authentication response, preventing credentials from working on fraudulent sites.[12] Consequently, passkeys enable a streamlined, single-step authentication via biometrics like fingerprints or facial recognition, or a device PIN, eliminating the need for manual entry and reducing friction while maintaining or exceeding the security of MFA.[1] This approach leverages public-key cryptography to bind authentication inseparably to the legitimate service context. 
For example, authenticating to an online service with a passkey typically requires only a quick biometric scan on the user's device, in stark contrast to entering a password followed by a temporary OTP code, which can be cumbersome and error-prone.[6]
History and Development
Origins in FIDO Standards
The FIDO Alliance was formed in July 2012 by a group of technology companies, including Lenovo, PayPal, and Nok Nok Labs, and publicly announced in February 2013, with the primary goal of addressing the vulnerabilities inherent in password-based authentication systems, such as phishing and credential reuse, by developing open standards for stronger, interoperable authentication mechanisms.[2] This initiative aimed to shift reliance away from passwords toward public key cryptography-based solutions that could provide phishing-resistant security without compromising user experience.[16] In 2014, the Alliance released the Universal Second Factor (U2F) specification as part of its FIDO 1.0 standards, introducing a hardware-based second-factor authentication protocol that used security keys to augment passwords with strong cryptographic challenges, thereby enhancing protection against account takeovers.[17] U2F enabled cross-platform compatibility for authenticators like USB or NFC keys, marking an early step toward broader adoption of FIDO technologies while still requiring a primary password.[17] Building on U2F and the Universal Authentication Framework (UAF) from FIDO 1.0, the FIDO2 specification emerged in 2019 as a comprehensive framework for passwordless authentication, combining elements of prior standards to support seamless, phishing-resistant logins using biometrics, PINs, or hardware tokens.[18] Central to FIDO2 is WebAuthn Level 1, a W3C recommendation finalized that year, which defines the web API for creating and using public key credentials directly in browsers.[18] FIDO2 introduced early concepts of synced or discoverable credentials—known technically as resident keys—that could be stored on devices or cloud-synced by authenticator providers, laying the groundwork for user-centric authentication beyond device-bound limitations, though the consumer-friendly "passkey" branding would come later to emphasize ease of use. 
Key milestones included the launch of FIDO2 certification programs in 2019, which validated over 100 authenticators at Levels 1 and 2 by year's end, ensuring interoperability and security compliance across implementations.[19] WebAuthn serves as the technical backbone for these FIDO2 capabilities in web environments.
Introduction and Standardization Efforts
In 2022, Apple, Google, and Microsoft jointly announced their commitment to expanding support for the FIDO Alliance's passwordless authentication standard, positioning passkeys as a secure, user-friendly replacement for traditional passwords across platforms and devices.[7] This initiative built on the foundations of FIDO2 by emphasizing seamless, phishing-resistant sign-ins that leverage public key cryptography without requiring users to manage complex credentials. The term "passkey" was introduced as a simplified branding for discoverable WebAuthn credentials that support cross-platform synchronization, enabling users to authenticate effortlessly on multiple devices through cloud-based keychains like iCloud Keychain or Google Password Manager.[1] This branding aimed to make the technology more accessible to developers and end-users, distinguishing it from earlier FIDO credential types by focusing on synced, multi-device usability while maintaining high security standards.

The WebAuthn Level 3 specification, with its First Public Working Draft released in April 2021, advanced these capabilities by introducing features such as multi-account support and enhanced credential management APIs, which facilitate better handling of multiple passkeys per authenticator and improved user privacy controls.[20] As of January 2025, the specification remains in Working Draft status, with ongoing efforts toward potential finalization that year to standardize these enhancements for broader implementation.[21] From 2023 to 2025, the FIDO Alliance intensified its standardization work by developing certification programs for authenticators supporting synced passkeys, ensuring interoperability and security compliance for multi-device deployments.[22] In 2025, the Alliance announced the rebranding of World Password Day to World Passkey Day, first observed on May 1 that year, to promote global awareness and adoption of passkeys, culminating in annual events highlighting real-world integrations and consumer trends.[23]
Technical Mechanism
Underlying Cryptography
Passkeys rely on public-key cryptography, a form of asymmetric cryptography that employs a pair of mathematically related keys: a private key, kept secret on the user's device, and a corresponding public key, shared with the service for verification. During authentication, the server generates a random challenge, which the device signs using the private key to produce a digital signature; the server then verifies this signature against the public key to confirm the user's identity without ever handling the private key or any shared secrets. This approach ensures that authentication is bound to the specific origin and user, as the signature incorporates the challenge to prevent unauthorized reuse.[24][25]

Key pairs for passkeys are generated using Elliptic Curve Cryptography (ECC), specifically the NIST P-256 curve (also known as secp256r1), which provides 128 bits of security through efficient computations on elliptic curves over finite fields. The private key, consisting of a 256-bit scalar, and the public key, a point on the curve, are created during registration on the authenticator. The private key remains confined to the device's secure hardware, such as a Trusted Platform Module (TPM) on Windows and some Android devices or Apple's Secure Enclave on iOS and macOS, ensuring it cannot be extracted or exported even by the operating system.[26][27][28]

Unlike password-based systems that rely on shared secrets vulnerable to interception, passkeys eliminate shared secrets entirely, as authentication depends solely on the asymmetric key pair and per-session challenges. The signing operation can be expressed as $\sigma = \text{Sign}(\text{private\_key}, \text{challenge})$, where $\sigma$ is the signature produced using an algorithm like ECDSA with SHA-256 (ES256). Verification then checks whether $\text{Verify}(\text{public\_key}, \text{challenge}, \sigma)$ holds true, confirming the challenge's integrity and origin without replay risks due to the challenge's uniqueness.[29][30]
Registration and Authentication Flows
The registration process for a passkey begins when a user initiates credential creation on their device through an application or website, typically after authenticating with an existing method.[5] The relying party (RP), such as a website or service, generates a challenge and sends a PublicKeyCredentialCreationOptions object to the client, including parameters like the RP ID, user details, and user verification requirements.[31] The authenticator on the user's device, which may be built into the platform or a connected security key, then generates a unique asymmetric key pair scoped to the specific RP and user account.[32] The private key remains securely stored on the device, while the public key is included in an attestation object, which also contains an attestation statement signed by the authenticator's attestation key to prove its authenticity and hardware security characteristics.[33] During this step, the user may be prompted to verify their presence via biometrics, a PIN, or a security key touch, depending on the userVerification policy set by the RP.[34] The client sends the public key and attestation object back to the RP, which verifies the attestation to ensure the credential originates from a trusted, secure authenticator; failure in this check, such as an invalid signature or untrusted certificate, results in registration rejection.[35] The RP stores the public key, associating it with the user's account; platform credential managers can then synchronize the credential across the user's devices without ever exposing the private key to the RP.[1]
Passkeys support discoverable credentials, also known as resident keys, where the authenticator stores the credential ID and user handle locally, allowing authentication without requiring the RP to provide a list of possible credentials or usernames post-registration.[36] This is enabled by setting the requireResidentKey option to "required" or "preferred" during registration, facilitating user-friendly, passwordless sign-ins across devices.[37] Error handling in registration includes the authenticator aborting the process if the user cancels or if timeouts occur, returning errors like AbortError or NotAllowedError to the client.[31]
The authentication process, or assertion ceremony, starts when the user attempts to sign in and selects their passkey from the device's credential manager.[5] The RP sends a PublicKeyCredentialRequestOptions object to the client, containing a fresh random challenge, the RP ID, and optional allowCredentials list for non-discoverable keys.[38] The authenticator retrieves the appropriate private key—using the discoverable credential if available—and prompts the user for verification via biometrics, PIN, or touch to unlock it.[39] The device then signs the challenge (along with client data like the RP ID and origin) using the private key, producing an assertion that includes the signature, authenticator data, and user handle.[40] This signing mechanism relies on public-key cryptography, where the private key never leaves the device.[1] The client returns the assertion to the RP, which verifies the signature against the stored public key, checks the challenge freshness to prevent replays, and confirms the authenticator data integrity; successful verification grants access without transmitting passwords or secrets.[41] If user verification fails or the assertion is invalid, the process aborts with errors such as InvalidStateError.[38]
Implementation and Platforms
Device and Browser Support
Passkeys rely on specific operating system versions and hardware capabilities for creation and authentication, with broad compatibility across major platforms by 2025.[42] Support began with iOS 16 and iPadOS 16 in September 2022, enabling passkey storage in iCloud Keychain and authentication via Touch ID or Face ID.[42] Android introduced passkey support starting with version 9 in 2019, though full implementation for third-party credential managers arrived in Android 14 in 2023.[42][43] Windows 10 and later versions support passkeys through Windows Hello biometrics or PIN, with initial rollout in 2022 and enhanced cross-device features in Windows 11 version 23H2 in 2023.[44][42] macOS Ventura (version 13) and later, released in 2022, integrate passkeys via the iCloud Keychain, with macOS Sonoma (version 14) in 2023 adding support for third-party password managers.[42]

Browser support for passkeys, built on the WebAuthn standard, is nearly universal among major engines by 2025, covering over 91% of global users.[45] Google Chrome supports passkeys from version 108 (October 2022) on desktop and Android, with version 142 (2025) enabling advanced passkey upgrades.[45][42] Apple Safari provides passkey functionality from version 16.1 (October 2022) on macOS and iOS, with version 18 (September 2024) introducing passkey upgrades.[45][42] Mozilla Firefox added support in version 122 (January 2024) for desktop and Android, including autofill integration and passkey upgrades.[45][42] Microsoft Edge follows Chrome's timeline, supporting passkeys from version 108 (2022) on desktop, with version 122 (2023) for autofill and 136 (2025) for upgrades.[45][42]

Hardware requirements center on devices equipped with secure elements to store private keys protectively, preventing extraction even under compromise.[42] Examples include Apple's Touch ID fingerprint sensors and Face ID facial recognition on iPhones and Macs, as well as Microsoft's Windows Hello on compatible PCs using TPM 2.0 chips.[42][44] By 2025, over 95% of iOS and Android devices meet these criteria, rendering the vast majority of smartphones passkey-ready.[46] For roaming authenticators independent of device ecosystems, the YubiKey 5 Series and later models support passkeys as hardware-bound credentials since their FIDO2 introduction in 2018, with firmware 5.7+ allowing up to 100 such keys.[42][47] Passkeys on these platforms enable cross-device use through optional syncing, enhancing accessibility without compromising security.[48]

| Platform | Minimum Version | Introduction Year | Key Features |
|---|---|---|---|
| iOS/iPadOS | 16+ | 2022 | iCloud Keychain, Touch ID/Face ID |
| Android | 9+ (full third-party in 14+) | 2019 (2023) | Credential Manager, biometric unlock |
| Windows | 10+ (enhanced in 11 23H2+) | 2022 (2023) | Windows Hello, TPM integration |
| macOS | Ventura (13+) | 2022 | iCloud Keychain, third-party support in 14+ |

| Browser | Minimum Version | Introduction Year | Platforms |
|---|---|---|---|
| Chrome | 108+ | 2022 | Desktop, Android |
| Safari | 16.1+ | 2022 | macOS, iOS |
| Firefox | 122+ | 2024 | Desktop, Android |
| Edge | 108+ | 2022 | Desktop, Windows |