Amazon has seen massive adoption of passkeys since the company quietly rolled them out a year ago, announcing today that over 175 million customers use the security feature.
“Today, we’re excited to share that more than 175 million customers have enabled passkeys on their Amazon accounts, allowing them to sign in six-times faster than they could otherwise,” says Amazon.
“Adoption keeps growing every day, as more customers experience the convenience of passwordless sign-in.”
Passkeys are digital credentials tied to biometric controls or PINs and stored on devices such as phones, computers, and USB security keys.
This authentication feature uses cryptographic keys (public and private keys) to act as credentials tied to a biometric feature or PIN when logging into a service.
When creating a passkey, a private key is created and stored securely on a device’s secure chip and the online service requiring authentication only receives the public key.
When the user next attempts to log in, the online platform sends a cryptographic challenge to the user’s device.
The user will then be prompted to authenticate with their PIN or a biometric challenge (Face ID, Windows Hello, Fingerprint), which will cause the user’s private key to sign the cryptographic challenge and send it back to the online service.
The online service will use the user’s public key to verify the challenge and, if successful, log the user into their account.
As these cryptographic challenges are shortlived and the user’s private keys are stored on a secure chip, passkeys are considered a safer authentication method because they cannot be stolen in data breaches, through phishing attacks, or by malware, like usual credentials.
Amazon customers who haven’t created a passkey can do so in the account settings.
Due to the success of Amazon’s passkey initiative, the company has rolled them out to their other services, such as AWS and Audible.
However, as passkeys are linked to a user’s device, they are not portable, meaning you can’t transfer them between devices or password managers.
Today, the FIDO alliance announced a new specification that makes passkeys portable across different platforms and password managers.
Source: www.bleepingcomputer.com