Universal Passkeys

Support passkeys for every user no matter what device, browser, and application type they're on. Offload compatibility headaches and ship passkeys for your apps in minutes.

Get started

Passkey
What are passkeys?

Passkeys are digital keys made up of public-private key pairs. They allow users to authenticate with their device biometrics or local device PIN. Passkeys are easy to use and phishing-resistant.

Read more

Where are passkeys supported?

Passkey support is reliant on device and browser support of WebAuthn. WebAuthn is a standard web API built into some browsers that enable users to authenticate with passkeys. See table below for details.

Read more

What are the benefits of passkeys?

Passkeys are awesome in two ways that matter. We recommend that you both offer this for your users and use it yourself on services that support passkeys.

Significantly better security

Protection against automated bots
100%
 
Protection against phishing attacks
99%
 
Protection against user-targeted attacks
90%
 

Way faster logins

  • 200% faster logins compared to passwords
  • 400% higher success rate compared to passwords

Source: Google Security Research using 100M authentication events

PASSKEYS TAKE
~14.9
seconds
PASSWORDS TAKE
~30.4
seconds

Universal Passkeys solve one key challenge: platform support

Operating systems and browsers have uneven and, in some cases, no support of WebAuthn. That means some of your users can't use passkeys.

  Universal Passkeys WebAuthn
Windows    
Chrome
Edge
Firefox
Hardware-bound passkey
Hardware-bound passkey
Software-bound passkey/OTP
FIDO2 passkey
FIDO2 passkey
No passkey (external security key only)
Mac    
Chrome
Edge
Firefox
Safari
Hardware-bound passkey
Hardware-bound passkey
Software-bound passkey/OTP
Software-bound passkey/OTP
FIDO2 passkey
FIDO2 passkey
No passkey (external security key only)
No passkey if no touchID enrolled (external security key only)

Wait, how do you support passkeys without WebAuthn?

Great question, in addition to WebAuthn, W3C has another approved standard called Web Cryptography (aka WebCrypto). Like WebAuthn, WebCrypto allows browsers to create public-private key pairs aka passkeys. Unlike WebAuth, WebCrypto creates those passkeys in software, not hardware. 

Passkeys stored in software and hardware are both phishing-resistant. However, there are nuanced security differences that might matter to you if your application has high security requirements. For more information, check out our detailed blog post on on this.

Universal Passkeys UX

Supports WebAuthn
Does Not Support WebAuthn
start building

Ready, set, build

Start building for free. No credit card required.

Get started

Libraries and Guides

JavaScript SDK -> Kotlin SDK -> Swift SDK -> Flutter SDK -> React Native SDK -> Bubble.io Plugin -> Auth.js Integration -> WordPress Integration ->

See if your users can use passkeys

Get my free report