Passkeys in combination with Biometrics as Innovative Approach to the Classical Authentication Method
Passkeys are an innovative authentication method designed to enhance online security by replacing traditional passwords with a more secure system based on cryptographic keys and supported by the FIDO alliance consortium. Essentially, a passkey consists of two components: a public key and a private key. The public key is stored on the server, while the private key remains securely on the user’s device. Within the authentication process the web application communicates with the user’s Authenticator (e.g. device wallet or Password Manager) through their local browser or app based on the so called WebAuthn interface. Contrary to username and password authentication which can be compromised while transmitted over the Internet, this dual-key approach minimizes the risk of password theft, as only the private key on the user’s local device can unlock access to an account.
The convenience and security offered by biometrics make passkeys an appealing option for both individuals and organizations.