Ahead of final rollout, Google has announced the release of its passkey support for developers on Android and Chrome. The American software giant says ‘passkey’ is a safer substitute for passwords and other phishable authentication factors. It will be integrated with the Google Password Manager to simplify sign-ins across devices, websites and applications — no matter the platform. But what is Google passkey and how does it work? Let’s find out:
Passkeys: What is it
Passkeys are a new type of login credential that replaces passwords. The authentication requires either biometric authentication — such as a fingerprint or facial recognition — or a PIN or swipe pattern used with Androids for access. According to Google, they are built on industry standards and work across different operating systems and browser ecosystems, and can be used for both websites and apps. They follow familiar user experience patterns, and build on the existing experience of password autofill.
Passkeys: How it works
Google says its passkeys work similar to using a saved password in the Google Password Manager. To prevent lockouts in the case of device loss, passkeys are backed-up and synced through the cloud on users’ phones and computers. The passkeys can be used to sign in to apps and websites on other nearby devices via users’ phone.
Users can create and use passkeys on Android devices, which are synced through the Google Password Manager. On Android and other supported platforms, developers can build passkey support on their sites for end-users using Chrome via the WebAuthn API. Currently, developers can use Chrome Canary and sign up for the Google Play Services beta to test this.
How to create passkeys:
Step 1: Through settings on Android 9 device and later, click on Create a Passkey
Step 2: Confirm the passkey account information
Step 3: Present fingerprint, face, or screen lock when prompted
Earlier, Apple released a similar Passkey feature with its iOS 16 update that allows users to use their Apple devices to log in to websites and services without requiring passwords. Apple, Google and Microsoft partnered with the FIDO Alliance and the World Wide Web Consortium (W3C) earlier this year, for removing passwords for user authentication across the platforms.