Google has begun rolling out initial passkey support for Android and Chrome. Web admins can start integrating the technology into their websites through the WebAuth API. Developers can download the latest Google Play Services beta to start testing the authentication standard within their apps.
Google expects to roll out stable support for passkeys later this year, with an API for native Android apps arriving in 2022 as well. The latter will allow you to choose between a passkey and a saved password when logging into a supported platform.
As more apps and websites add support for passkeys, Android and Chrome users will see their relationship with online credentials change. Passkeys are a significantly safer replacement for passwords and other phishable authentication factors, They cannot be reused, don’t leak in server breaches and protect users from phishing attacks.
Creating a passkey on your Android phone will involve confirming you want to make one and then authenticating your identity with a fingerprint or face scan. Signing in is just as easy. You simply authenticate your identity and you’re good to go. You’ll manage your passkeys through Google Password Manager, where they’ll be automatically backed up to the cloud to prevent lockouts if you ever lose your device.
With social engineering and phishing threats dominating the threat landscape, interest in passwordless authentication solutions continues to grow. Researchers anticipate the passwordless authentication market will rise from a value of $12.79 billion in 2021 to $53.64 billion by 2030.
Since passkeys are part of an industry-wide initiative to do away with passwords, they work across different devices, platforms, and browsers. As adoption increases, there will be increasing pressure on providers to offer more and more accessible passwordless authentication options, or risk being left behind.