Universal Passkeys
Support passkeys for every user no matter what device, browser, and application type they're on. Offload compatibility headaches and ship passkeys for your apps in minutes.
What are passkeys?
Passkeys are digital keys made up of public-private key pairs. They allow users to authenticate with their device biometrics or local device PIN. Passkeys are easy to use and phishing-resistant.
Where are passkeys supported?
Passkey support depends on device and browser support for WebAuthn. WebAuthn is a standard web API, built into some browsers, that enables users to authenticate with passkeys. See the table below for details.
What are the benefits of passkeys?
Passkeys are awesome in two ways that matter. We recommend that you both offer them to your users and use them yourself on services that support passkeys.
Significantly better security
Way faster logins
- 200% faster logins compared to passwords
- 400% higher success rate compared to passwords
Source: Google Security Research using 100M authentication events
Universal Passkeys solve one key challenge: platform support
Operating systems and browsers have uneven and, in some cases, no support for WebAuthn. That means some of your users can't use passkeys.
| Platform | Browser | Universal Passkeys | WebAuthn |
| --- | --- | --- | --- |
| Windows | Chrome | Hardware-bound passkey | FIDO2 passkey |
| Windows | Edge | Hardware-bound passkey | FIDO2 passkey |
| Windows | Firefox | Software-bound passkey/OTP | No passkey (external security key only) |
| Mac | Chrome | Hardware-bound passkey | FIDO2 passkey |
| Mac | Edge | Hardware-bound passkey | FIDO2 passkey |
| Mac | Firefox | Software-bound passkey/OTP | No passkey (external security key only) |
| Mac | Safari | Software-bound passkey/OTP | No passkey if no Touch ID enrolled (external security key only) |
Wait, how do you support passkeys without WebAuthn?
Great question. In addition to WebAuthn, the W3C has another approved standard called Web Cryptography (aka WebCrypto). Like WebAuthn, WebCrypto allows browsers to create public-private key pairs, aka passkeys. Unlike WebAuthn, WebCrypto creates those passkeys in software, not hardware.
Passkeys stored in software and hardware are both phishing-resistant. However, there are nuanced security differences that might matter to you if your application has high security requirements. For more information, check out our detailed blog post on this.
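As an added illustration (not code from this page or from the product it describes), the sketch below creates a key pair in software with WebCrypto, signs a server challenge with it, and verifies the result against the stored public key. The function names, the `clientData` layout, the challenge string and the example origins are assumptions of this example.

```javascript
// Added example: software-bound key pair via WebCrypto (runs in a browser or Node).
// Function names, the clientData layout and the origins are assumptions of this sketch.
const getSubtle = async () =>
  globalThis.crypto?.subtle ?? (await import('node:crypto')).webcrypto.subtle;
const ALG = { name: 'ECDSA', namedCurve: 'P-256' };
const SIG = { name: 'ECDSA', hash: 'SHA-256' };
const enc = new TextEncoder();

// Client: create the key pair. extractable=false stops script from exporting the
// private key, but the key is still held in software, not in a hardware authenticator.
async function register() {
  const subtle = await getSubtle();
  const pair = await subtle.generateKey(ALG, false, ['sign', 'verify']);
  return { privateKey: pair.privateKey, publicJwk: await subtle.exportKey('jwk', pair.publicKey) };
}

// Client: sign the server's challenge together with the origin the page is running on.
async function signAssertion(privateKey, challenge, origin) {
  const clientData = JSON.stringify({ challenge, origin });
  const signature = await (await getSubtle()).sign(SIG, privateKey, enc.encode(clientData));
  return { clientData, signature };
}

// Server: verify the signature first, then check the challenge and origin it covers.
async function verifyAssertion(publicJwk, assertion, expectedChallenge, expectedOrigin) {
  const subtle = await getSubtle();
  const key = await subtle.importKey('jwk', publicJwk, ALG, false, ['verify']);
  const ok = await subtle.verify(SIG, key, assertion.signature, enc.encode(assertion.clientData));
  if (!ok) return false;
  const data = JSON.parse(assertion.clientData);
  return data.challenge === expectedChallenge && data.origin === expectedOrigin;
}

// Returns false when the non-extractable flag is honoured.
async function privateKeyIsExportable(privateKey) {
  try { await (await getSubtle()).exportKey('jwk', privateKey); return true; }
  catch { return false; }
}

async function demo() {
  const { privateKey, publicJwk } = await register();
  const challenge = 'constructed-challenge-0001'; // constructed; a server would issue fresh random bytes
  const site = 'https://app.example', other = 'https://lookalike.example';
  const good = await signAssertion(privateKey, challenge, site);
  const elsewhere = await signAssertion(privateKey, challenge, other);
  return { valid: await verifyAssertion(publicJwk, good, challenge, site),
           wrongOrigin: await verifyAssertion(publicJwk, elsewhere, challenge, site),
           exportable: await privateKeyIsExportable(privateKey) };
}
```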