On December 5, 2025, the digital identity community gathered at Tokyo Port City Takeshiba for the 12th FIDO Tokyo Seminar. Under the theme “Towards a Passwordless World”, the event brought together 300+ industry leaders, government officials, and engineers to discuss the effectiveness of passkeys as a countermeasure against phishing and to explore the future landscape of digital identity.
Global Momentum: Local Leadership Driving Adoption
The seminar kicked off by highlighting the rapid adoption of FIDO standards and the strong commitment shown by the Japanese market.
Andrew Shikiar, CEO & Executive Director of the FIDO Alliance, shared the latest metrics: over 7 billion accounts worldwide are now protected by passkeys, with more than 3 billion passkeys saved by users. Data from the newly introduced “Passkey Index” further demonstrated the technology’s impact, revealing a 93% authentication success rate and a 73% reduction in login times.
In the Japanese market, Koichi Moriyama (NTT DOCOMO), Chair of the FIDO Japan Working Group (FJWG), reported on the growth of the local community as it celebrates its 10th anniversary and 111th monthly meeting. The day also marked a notable announcement: the FIDO Alliance has signed a liaison partnership with the Japan Securities Dealers Association (JSDA). This partnership is expected to accelerate security improvements and FIDO adoption across the entire securities industry.
Policy & Security: From Recommended to Essential
In 2025, Japan’s policy and security strategies are upgrading phishing-resistant authentication from “recommended” to “essential.”
- Digital Agency: Masanori Kusunoki addressed the revision of the guidelines for online identity verification in administrative procedures (DS-500 to DS-511). He expressed the view that for Assurance Level 2 or higher, phishing-resistant methods like the My Number Card or passkeys will effectively become mandatory.
- NPA & FSA: Takahide Sannomiya (National Police Agency) and Motoshi Matsunaga (Financial Services Agency) emphasized the importance of passkeys in countering cyber threats. In the financial sector specifically, policies are advancing to default to phishing-resistant Multi-Factor Authentication (MFA) for critical operations such as logins and fund transfers.
Proven Success & Next Frontier: Account Recovery
A highlight of the seminar was the consensus that passkeys have moved beyond “early adoption” to become mainstream in Japan’s major services.
The “Passkey Index Japan” panel session (Mercari, NTT DOCOMO, KDDI, FIDO Alliance) revealed that passkey authentication usage has exceeded 50% among smartphone users at these three companies. It was disclosed that 50.4% of all monthly active users (MAU) for authentication services are already utilizing passkeys.
This widespread usage, spanning all ages and demographics, suggests that passkeys are a realistic solution that balances convenience with security.
The discussion also focused on “Account Recovery” as one of the key challenges following widespread passkey adoption. Tatsuya Karino (Mercari), Masao Kubo (NTT DOCOMO), and Hideki Sawada (KDDI) emphasized the importance of secure recovery processes utilizing My Number Cards (JPKI) and eKYC, as well as designing for device changes. This is poised to be a cross-industry theme for 2026.
Securities Transformation: Advancing Passkey Deployment
The transformation within the securities industry is noteworthy. Shinobu Hirayama of Rakuten Securities reported that the company completed the rollout of passkey authentication (FIDO2) across all channels in October 2025. According to Hirayama, five securities firms have already implemented FIDO2, with that number expected to rise to seven by the end of the year. He emphasized that passkeys play a central role in building a technology-based “layered defense” against evolving fraud attacks.
Deep Dive into Tech: Platforms & Security
Technical sessions for developers and security experts explored the latest features supporting passkey implementation.
- Google Platform Evolution: Eiji Kitamura shared the latest updates based on Credential Manager. Of particular note was the “Restore Credentials API,” which promises to improve the developer experience by enabling seamless sign-ins when users migrate to new devices.
- Session Protection: In the “All About Passkeys” session (Eiji Kitamura, Kosuke Koiwai, Masaru Kurabayashi), the discussion turned to the risks of “session hijacking” that remain even after passkey adoption. Speakers argued for the necessity of risk-based session protection and new specifications like Device Bound Session Credentials (DBSC) to counter malware-based cookie theft.
Ecosystem & Innovation: Expanding Use Cases
Presentations from sponsor companies demonstrated a mature ecosystem capable of supporting diverse use cases.
- Regulated Industries & Finance: Gim Leng Koh (OneSpan) presented a dual-key approach for financial institutions, enabling device health assessment and transaction signing (WYSIWYS).
- Scale & Performance: Eugene Lee (RaonSecure) introduced their FIDO solution’s high processing performance, supporting over 10 million monthly users.
- Solving B2B Challenges: Kazuhito Shibata (ISR) addressed the barriers hindering MFA adoption in corporate environments.
- Device Security in the AI Era: Everett Hiroshi Shiina (Yubico) explained the importance of hardware-attested Single Device Passkeys in the face of rising AI threats.
- Lifecycle Protection: Takashi Yoshii (Daon) introduced the integration of FIDO authentication with Deepfake detection-enabled eKYC via the IdentityX platform.
- Customer Engagement: Mitsuharu Nakamura (Twilio) proposed a seamless authentication experience using Twilio Verify, which supports passkeys alongside SMS and TOT
Beyond Authentication: Digital Credentials & Identity
The conversation extended beyond authentication to the entire identity lifecycle.
In a video message, Lee Campbell (Google/FIDO Alliance Digital Credential WG Co-Chair) shared the vision of extending the trust and interoperability established by passkeys to “Digital Credentials,” defining ecosystem standards for wallets and identity verification.
The final panel session, featuring members from the FIDO Alliance, OpenID Foundation, OpenID Foundation Japan, and the Digital Agency, deepened the discussion on managing the entire identity lifecycle—from account creation to recovery.
Looking Forward: Building Japan’s Digital Identity Future
The 12th FIDO Tokyo Seminar served as a testament that passkeys are becoming firmly established as part of Japan’s digital social infrastructure. As we look toward 2026, the FIDO Alliance’s initiatives will continue to expand from authentication to the entire identity lifecycle and into the realm of digital credentials.
We would like to express our sincere gratitude to the sponsor companies who supported this event, as well as to all the speakers and attendees. We look forward to seeing you at our next event!
