Passkey Insights from Authenticate 2023

The Authenticate conference is the core conference when it comes to authentication and identity, guiding developers and industry experts through the murky waters of user authentication. In the following, we provide a summary of the key talks around passkeys.

• FIDO Passkey-First
• Yubico Passkeys
• Microsoft Passkeys
• Google Passkeys
• GitHub Passkeys
• Nok Nok Passkeys
• Okta Passkeys
• 1Password Passkeys
• Amazon Passkeys
• Air New Zealand Passkeys
• FOX Passkeys
• Shopify Passkeys
• US Government Passkeys
• Payment Industry Passkeys
• Dashlane Passkeys
• Intuit Passkeys
• Synacor Passkeys
• Research Affirming Passkey Adoption
• Passkeys in Retail (Skechers, Expedia, Target)
• Conclusion

FIDO's Charge Towards a Passkey-First Future

Andrew Shikiar from the FIDO Alliance provided insights into FIDOs work on passkeys. With over 60,000 hours poured into honing FIDO's technical specifications, passkeys are poised to redefine digital access. Shikiar's message to developers was unequivocal: the groundwork has been laid, and it's time for passkey implementation to take center stage.

For product managers, this advancement signals a transformative shift in user experience. With the world's digital populace ready and capable of embracing passkeys, the focus pivots to education and adoption, particularly in sensitive, regulated industries.

Yubico Passkeys: Passkeys To Reduce Risks

Derek Hanson from Yubico shed light on an inspiring case where the adoption of FIDO and passkeys not only bolstered security but also yielded economic benefits, exemplified by reduced cyber insurance premiums. Such narratives are critical for product managers weighing the financial implications of integrating passkey systems.

Microsoft Passkeys: Combat Cyber Attacks

Pamela Dingle's revelation of the fourfold increase in password attacks at Microsoft underscores the urgency of adopting passkeys. Microsoft's integration of passkeys into Windows 11, facilitating cross-device synchronization in the future, offers the chance for wide-spread adoption of passkeys, especially on desktop devices.

In practice, Windows Hello, first unveiled in 2010, was a milestone in Microsoft's path to passwordless, culminating in the deep integration of passkeys in the latest Windows 11 22H2 version. The takeaway for developers and organizations is crystal-clear: integrating passkeys across digital platforms is essential for widespread user adoption and comfort. Microsoft's narrative wasn't just a story of innovation; it was a call to action.

Google Passkeys: Passkey-First Login Rolled Out and Usability Focus

Google's call for a #passkeysweek (which took place last week) and their commitment to ramp up passkey enablement signals a pivotal shift towards passwordless authentication. For developers, this initiative presents a wealth of resources and case studies, like KAYAK's 50% reduction in sign-in time, highlighting the tangible benefits of passkey integration.

Google's Mitch Galavan and Court Morgan reveal their focus on optimizing usability. Their mission? To embed simplicity at the core of the passkey experience. Their efforts resonate well with users, with test results indicating a preference for passkeys over traditional sign-in methods, and a striking 76% willing to use them repeatedly.

GitHub Passkeys: Quick Passkey Adoption Among Developers

GitHub's experience with passkeys, catalyzing the swift rollout of 2FA for all users, is a testament to the potential of passkeys when aligned with FIDO guidelines. The developer community can take cues from GitHub's approach, recognizing that thoughtful user interface design is instrumental in driving passkey adoption.

Nok Nok Passkeys: Passkeys in Regulated Markets

Rolf Lindemann's insights into passkeys in regulated industries remind us that while passkeys bring unparalleled ease and security, they also invite new challenges, particularly around device management. Developers working within regulated markets must navigate these complexities with innovation and adherence to regulatory requirements.

Okta: Passkey Deployment Challenges

Hans Reichenbach of Oktas candid session on the hurdles of passkey deployment serves as a crucial guide for developers. The intricacies of domain-specific registration and the nuances of revocation demand a meticulous approach to passkey implementation. Developers must stay ahead of these potential pitfalls to ensure a smooth transition to passkey-based systems.

1Password Passkeys: Credential Managers Improve UX

Anna Pobletts of 1Password underscores the integral part credential managers play in advancing the user experience. By assimilating passkey support, 1Password observed a remarkable uptake, with over 150,000 users creating upwards of 300,000 passkeys. Its a powerful testament to how seamless integration can foster adoption among users who seek the comfort of familiar interfaces within their browsers.

Amazon Passkeys: Tackling Scaling Challenges

Amazon's Mike Slaugh humorously brings to light the complexities that accompany scaling authentication systems, citing the need for simplification to handle the increasing variety of authentication methods and scenarios - even considering hermits in caves! Simplifying complex systems and offering a spectrum of authentication choices is pivotal for achieving scalability and enhancing user throughput.

Air New Zealand Passkeys

Air New Zealand's Anthony Kemp illuminates how leveraging FIDO and passkeys not only elevated the user experience but also translated to tangible financial benefits through a reduction in account recovery requests and bolstering sales by minimizing user drop-off during authentication.

FOX Passkeys: Reduce Authentication Risk

FOX Corporation, via Dean Perrine, touts the virtues of FIDO authentication in mitigating risk. With over 12,000 users to protect, FOX's journey to deploy YubiKeys showcased the demand for robust, secure authentication.

Shopify Passkeys: Eliminate Pitfalls Of SMS-Based Auth

Avhinav Lele from Shopify shares his own narratives challenging the status quo of SMS-based authentication, illuminating the diverse approaches and inherent challenges in the pursuit of secure user authentication with passkeys.

US Government Passkeys: Running FIDO Pilots

The U.S. Government, through voices from NIST and GSA, gives us a glimpse into the concerted efforts towards FIDO adoption. Ryan Galluzzo teases upcoming guidance on synced passkeys, while Kenneth Myers highlights the successful pilot implementations across numerous agencies.

Payment Industry Passkeys: Consumer Education is Key

The payment industry experts discuss the persistent challenge of fraud. While strong authentication methods like those provided by FIDO are seen as vital to the ecosystem, there's a shared recognition that consumer education is essential to balance security and convenience in transactions.

Dashlane Passkeys: Symbiosis of Passkeys and Password Managers

Rew Islam from Dashlane articulated a potent synergy the role of password managers in a world pivoting towards passkeys. With passkeys, developers have a unique opportunity to refine authentication processes via mobile native app support and tailored user interfaces. Dashlane's integration of passkeys through browser extensions and mobile OS APIs is a blueprint for developers to enrich their platforms' security and user convenience.

Intuit Passkeys: Financial Wins with Passkeys

Intuit's foray into FIDO authentication reaped tangible financial rewards, a detail shared by Rakan Khalid. The compelling increase from 80% to 97-98% in authentication success rates on mobile apps is more than just a statistic; it's a clarion call for product managers examining the impact of passkey implementation on user experience and revenue.

Synacor Passkeys: Passkeys on Connected TVs

Tony MacDonell from Synacor spotlighted an oft-overlooked avenue connected TVs. The ongoing development of passkey implementation for these platforms is set to revolutionize the user experience, eliminating the cumbersome process of text entry and accelerating the authentication process. This innovation could be a game-changer for product managers focusing on user retention and ease of use.

TikTok Passkeys: Increased Login Success Rate & SMS Savings

TikTok's adoption of passkeys, as shared by Daniel Grube, is a testament to their efficacy. A staggering 97% login success rate is not just impressive; it's a benchmark. TikTok's internal use of FIDO strong authentication has amplified its security and, simultaneously, resulted in cost savings. For software developers, this is an empirical case study demonstrating passkeys' value proposition.

Research Affirming Passkey Adoption

The conference was also a platform for unveiling research the FIDO Alliance's 2023 Online Authentication Barometer and the FIDO and LastPass 2023 Workforce Authentication report. These reports indicate a gradual but sure shift toward passwordless authentication. They serve as an analytical bedrock for product managers and developers looking to harness passkey technology for a competitive edge.

Passkeys in Retail (Skechers, Expedia, Target): Rapid Adoption of Passkeys

Executives from Skechers, Expedia, and Target shared their experiences during panel discussions, underscoring the business enablement potential of passkeys. The unanimous message was clear: the ecosystem is ripe for passwordless solutions, and the time for adoption is now. This presents a fertile ground for developers to innovate and for product managers to strategize user experience design.

Conclusion

In conclusion, the Authenticate 2023 conference has offered us a compelling vista of the future - a future where passkeys form the base of digital security and user convenience. Developers and product managers are going into the passkey-era, with the mandate to infuse security seamlessly into user experiences. The dialogue from industry visionaries and the practical demonstrations of passkey integrations have served as a call for professionals to adopt, innovate, and lead.

With projections pointing to a significant surge in passkey adoption by 2024, the takeaways from the conference make it abundantly clear: passkeys are not just a fleeting trend, but a fundamental shift in authentication practices. From 1Password's user-friendly credential management to Air New Zealand and Shopify's enhancements in customer interactions, the multi-industry embrace of passkeys underscores their universal appeal and effectiveness.

We at Corbado invite you to join this passkey revolution, a journey that promises to redefine the standards of digital authentication. Together, let's forge ahead, armed with the knowledge and best practices shared, to make passkey-based authentication the norm for a safer Internet for everyone.