Back to Overview

Why Does Passkey Need Bluetooth?

Blog-Post-Author

Vincent

Created: August 21, 2024

Updated: September 12, 2024

why does passkey need bluetooth

Why Does Passkey Need Bluetooth?#

Passkeys need Bluetooth to ensure that both devices involved in cross-device authentication are in physical proximity. This is crucial for security during the WebAuthn process (when scanning QR codes). Bluetooth prevents attackers from tricking users into scanning QR codes from remote locations, adding an extra layer of protection.

  • Passkeys require Bluetooth to confirm proximity between devices.
  • Bluetooth enhances security by preventing remote attacks during QR code scans.
  • This ensures that cross-device authentication happens only when devices are near each other.

Cross-Device Authentication and Bluetooth#

When a user authenticates with a passkey in scenarios where a QR code is scanned for cross-device authentication, Bluetooth plays a critical role. Here's why:

  • Proximity Verification: During the WebAuthn process, Bluetooth ensures that the device scanning the QR code and the device displaying the code are physically close to each other. This is known as proximity verification. Without Bluetooth, someone could potentially trick the user into scanning a QR code from a distant location, compromising security.

  • Preventing Remote Attacks: Imagine a scenario where an attacker gains access to a QR code and tries to lure the user into scanning it from another location, such as through a phishing attempt. Bluetooth prevents this by requiring that both devices are within a short range of each other, making remote attacks significantly harder to execute.

  • Hybrid Transport Authentication: WebAuthn supports various transport methods for passkey authentication, and Bluetooth plays a role in hybrid transport. It allows secure communication between devices when other methods like NFC or USB aren't viable.

Subreddit Icon

Discuss passkeys news and questions in r/passkey.

Join Subreddit

Why Bluetooth Over Other Technologies?#

You might wonder why Bluetooth is chosen over other wireless technologies. The key reasons include:

  • Widespread Availability: Bluetooth is available on almost all modern smartphones, tablets, and computers, making it a convenient choice for proximity verification.

  • Low Energy Consumption: Bluetooth Low Energy (BLE) is ideal for quick, short-range communication without draining the device's battery, which is crucial for user experience.

  • Security Standards: Bluetooth offers robust security features, such as encrypted connections, which are vital for maintaining the integrity of the authentication process.

Share this article

LinkedInTwitterFacebook

Enjoyed this read?

🤝 Join our Passkeys Community

Share passkeys implementation tips and get support to free the world from passwords.

Join for free

🚀 Subscribe to Substack

Get the latest news, strategies, and insights about passkeys sent straight to your inbox.

Subscribe for free

We provide UI components, SDKs and guides to help you add passkeys to your app in <1 hour

Start for free

Related FAQs

Related Terms

Related Articles

web bluetooth cover
Authentication

Web Bluetooth API & Passkeys

Vincent - June 25, 2024

webauthn-passkey-qr-code
WebAuthn Know-How

WebAuthn Passkey QR Codes & Bluetooth: Hybrid Transport

Vincent - November 8, 2023

WebAuthn Cross-Device Authentication Cover
WebAuthn Know-How

WebAuthn Cross-Device-Authentication: Passkeys via Mobile-First Strategy

Vincent - April 9, 2024

share-passkeys-apple-devices
Passkeys User Tips

How to Share Passkeys via AirDrop & Shared Groups on Apple

Janina - November 20, 2023

passkeys-sharing
Passkeys Implementation

Passkey Sharing Example: Flutter (iOS/Android), Vue.js, Golang

Vincent - November 16, 2023

Passkey Intelligence, Login Identifiers & Verification Preview
Passkeys Strategy

Passkey Intelligence, Login Identifiers & Verification

Vincent - July 9, 2024