The Core of Passkey Technology

Passkeys, a breakthrough in the realm of digital security, eliminate the vulnerabilities of password-based systems. Utilizing cryptographic key pairs, passkeys are designed to safeguard user identities without relying on shared secrets. The system operates on a challenge-response mechanism: a private key stored securely on the user’s device interacts with a public key on the service provider’s server. This interaction ensures that sensitive credentials are never exposed, making passkeys inherently resistant to phishing attempts and credential theft.

This technology is underpinned by the FIDO2 standard, which comprises WebAuthn and the Client-to-Authenticator Protocol (CTAP). WebAuthn facilitates seamless integration of passkeys into web applications, while CTAP supports communication between devices and authenticators, ensuring flexibility and security. Together, these components offer a standardized and robust framework for passwordless authentication across various platforms.


More

Biometric Update: BixeLab joins FIDO Face Verification program, certifies Aware 

Aware has received FIDO Alliance Certification for Face Verification, gaining recognition for its identity verification tech including liveness…

Read More →

Biometric Update: HID upgrades passkey, FIDO authentication capabilities with IDmelon acquisition

Texas-based HID has reached an agreement to acquire Vancouver, Canada-based logical access control provider IDmelon to upgrade its portfolio…

Read More →

Techstination Radio/Podcast: What you should know about passkeys for online security

Interview with FIDO’s Andrew Shikiar on what you should know about passkeys for online security.

Read More →


Subscribe to the FIDO newsletter

Stay Connected, Stay Engaged

Receive the latest news, events, research and implementation guidance from the FIDO Alliance. Learn about digital identity and fast, phishing-resistant authentication with passkeys.