Passkeys
Go passwordless with FIDO2 passkeys for greater security and simplified user experience to log in to applications and services seamlessly.
What are FIDO2 passkeys?
FIDO2 passkeys are cryptographic key pairs typically stored on a device that authenticate the user for various applications and services. A public key is stored on the application server and a private key is stored on the user’s device. When a user tries to log in to an application, Passkeys use Bluetooth® to communicate between the user’s phone (FIDO authenticator) and the device from which the user is trying to authenticate.
Enable Secure Passwordless Access
Resist Phishing
Generate unique key pairs for each application and eliminate the reuse of credentials that can cause password fatigue-based attacks.
Mitigate Remote-Based Attacks
Communicate with your users’ smartphones over Bluetooth when signing challenges with private keys.
Enable Passkeys With Ease
Use Entrust Identity as a Service to simplify the support of passkeys within your application.
How do FIDO2 passkeys work?
When a user tries to log in to an application, passkeys use Bluetooth to communicate between the user’s registered device (FIDO authenticator) and the device upon which the user is logging into the application. The application issues a security challenge to the user’s registered device via Bluetooth. The user is then prompted to authenticate themselves using biometrics to accept the sign-in request challenge, which is signed with the private key on the user’s registered device and sent back to the application to be verified with the corresponding public key, after which the user is signed in if successful.
Enhance Security and the User Experience
With FIDO2 passkeys (which are based on FIDO authentication), proximity to the device upon which the application or service is being accessed is always necessary. This helps reduce risk against the most common attacks and enables a familiar user experience that is consistent across all platforms and devices.