Andrew Shikiar, FIDO Alliance Executive Director & CMO
Yesterday, Google announced support for simple and secure sign-ins with passkeys for all Google Account users. This is a huge milestone in our journey towards a passwordless future. Why?
It’s been only a year since Apple, Google and Microsoft announced their commitment to passkeys with plans to expand support for a common passwordless sign-in standard created by the FIDO Alliance and the World Wide Web Consortium. Since then, Apple and Google have readied their operating systems for service providers to enable sign-ins with passkeys that sync across devices; Windows 10 and 11 have long supported device-bound passkeys in Windows Hello – and passkeys from iOS or Android devices can also be used to sign into sites in Chrome or Edge on Windows.
Additionally, service providers like PayPal, Yahoo! Japan, NTT DOCOMO, CVS Health, Shopify, Mercari, Kayak, SK Telecom and more are committed to or already providing passkey sign-ins. Google now joins them, and will serve as a great way for large swathes of consumers to become familiar with passkeys, while also helping accelerate deployments from other service providers.
Consumer Readiness On the Rise
The growing number of service providers supporting passkeys matches a growth in consumer awareness and readiness.
According to a new survey released today by FIDO Alliance, over 57% of U.S. consumers said they are interested in using passkeys to replace passwords, compared with 39% who said they were familiar with the concept of passkeys in FIDO’s 2022 Online Authentication Barometer, released in October 2022.
Recovering or resetting passwords is one of the many hassles that consumers face. Only 9% of those surveyed report that they never need to recover their password – with 13% having to recover passwords daily or several times per week and nearly 60% reporting several password resets per quarter. It is little wonder then that 29% of consumers prefer signing in with biometrics (e.g. fingerprint or face scan) versus 19% who prefer to enter a password manually.
Passkeys are resistant to threats of phishing, credential stuffing and other remote attacks often used to take over online accounts. Based on the survey, approximately 65% of people who prefer to use biometrics to sign in would be interested in using a passkey and nearly half (45%) of people who prefer to use passwords to sign in would be interested in using a passkey. This is another clear signal telling us that consumers want less friction and greater ease of signing into their online accounts.
Passwords Create More Friction for Online Transactions
Consumers are tired of the hassle and complexity of passwords and are ready to embrace passkey sign-ins, which enable them to access online services simply and securely. Passkeys can help reduce shopping cart abandonment and turn the tide against the ongoing plague of data breaches and identity theft.
In addition to security implications, passwords continue to be costly for online retailers – according to the survey, nearly 60% of consumers said they have abandoned their carts due to a forgotten password in the past six months.
Simply put, passkeys stand to dramatically improve consumers’ online shopping experiences – as well as their service providers’ bottom lines.
Perceived Password Risk
Despite the large number of breaches and warnings, many consumers maintain poor password hygiene, unmoved by the risks passwords pose to their digital lives. According to the survey, 70% of people use passwords that are at least one year old. Despite the known risks of phishing attacks and other security breaches, the survey shows that 21% of respondents believe entering their password manually is the most secure authentication method.
Nearly 60% said they would not pay for increased security measures or official verification on social media platforms. Earlier this year, Twitter warned users they would lose the ability to secure access to their account via text message two-factor authentication unless they pay to subscribe to Twitter Blue. It seems clear from this data that consumers would naturally look to passkeys as a seamless and secure alternative.
To review the FIDO Alliance’s full survey results, click here.
What’s next?
Both the data and the increasing number of organizations rolling out passkeys shows that the future of authentication is here. But this does not mean the work is done. The FIDO Alliance and its members continue to iterate to improve the experience of passkeys. Be on the lookout for upcoming UX research and guidelines to further increase the adoption and usability of passkeys. The FIDO Alliance is also continuing to provide education, UX guidance, adoption perspectives and more through upcoming industry events. Attend our sessions at Identiverse and be sure to attend the FIDO Alliance’s conference, Authenticate, in Carlsbad, CA (or virtually) on October 16-18, 2023.