Passkey support comes to Chrome and Android
Google has announced today that it's bringing passkey support to both Chrome and Android. Passkeys offer a significantly safer replacement for passwords and other phishable authentication factors and mark another step towards a passwordless future.
If you're unfamiliar with passkeys, they're a joint initiative from Apple, Google, and Microsoft. Unlike a password the key is stored exclusively on your devices and never gets shared with anyone else.
When you log in, the passkey on your device creates a unique signature that confirms to the website that you are in possession of the passkey. Neither the passkey nor your biometrics are shared with the website or app operators.
For the user the experience is similar to using a saved password today, where you simply confirm with your existing device screen lock such as a fingerprint or facial recognition.
Today's announcement means that users can create and use passkeys on their Android devices. It also means developers can build passkey support on the web with Chrome, via the WebAuthn API, on Android and other platforms.
Google says the next step, for later this year, is to produce an API for native Android apps. Passkeys created through the web API will work seamlessly with apps that are affiliated with the same domain, and vice versa. The native API will give apps a unified way to let the user pick either a passkey, if they have one, or a saved password. This shared experience for both types of users aids the transition to passkeys and builds on the already familiar pattern of Google Password Manager.
You can read more about the announcement and how passkeys work on the Android developers blog.
Image credit: [email protected] / depositphotos