As technology advances, passwords are becoming easier to hack. This forces us to create more complex passwords, keep track of many passwords for the many services we use daily, and frankly, make use of the “Forgot password?” option more often than we’d like. Who among us hasn’t received a Chrome notification that one of our passwords was found on a dark web database?
Apple, Microsoft and Google have devised a solution. By taking an existing technology to the next level, we can now access our accounts without using passwords. Sounds amazing, right?
How passkeys work
Passkeys permit your customers to access their accounts from various devices without using a password. It’s even better than that; with passkeys, users can connect using the Touch ID or Face ID on their phones without having to set a password or install an application for validation. This is because it’s web-based.
You might ask: if it’s web-based, is it safe? The short answer is: yes, it is. Passkeys are encrypted on all ends. They cannot be leaked from the websites that use them. They are so secure that even the best hackers will have a very hard time trying to crack them.
The experience is seamless. If a user browsing on his or her phone already has an account, they can identify themselves instantly by tapping a button and going through Face ID or fingerprint authentication. If they don’t have an account they are asked to enter a few basic details and then go through Face ID or fingerprint authentication.
If browsing on a laptop or desktop, all the user has to do is to click on a button. The Face ID or fingerprint will pop up on their phone (for Apple devices) or they will scan a QR code and go through the same process (for other devices).
Behind the scenes, a key is generated and synchronized to the cloud. When a user connects from another device in the same ecosystem, it will use the same key.
But there is still a problem with cross-vendor support. If a user wants to connect from a different system, such as Windows, Android, or iOS, there is no real option to pass the passkeys between them. At the moment we know of passkeys support across few popular browsers, including Safari and beta version of Chrome. Another problem comes when passkeys are not supported on the user's device. What happens then? Other scenarios that might prove problematic are when users already have an account with a password set up. How do you allow them to switch to passkeys? Or if the same user set up passkeys and switches devices? The traditional passkeys won't follow the user to device with a different operating system.
The implementation process itself is the main obstacle for websites and businesses wishing to make life easier and safer for customers. Passkeys are provided as a sort of open API (WebAuthN) that developers can implement on their account management platforms.
OwnID provides cross-vendor support that enables you to implement passkeys on your website without changing the code, UI, or database. The solution also works when passkeys are not supported, when users already have an account with a password or when the users need to recover access to their account. Think about it. You can let your users go passwordless with or without passkeys in only a few hours. By doing that you effectively increase the number of logged-in users.
Some innovative brands, in various industries from e-commerce to travel, have already implemented passkeys on their websites. Here are a few such top brands:
Improve your conversion rate by switching to passkeys
Going passwordless is not only for the benefit of customers. Yes, eliminating passwords will help them to register and log in faster, without having to remember or store a password. But the greater benefit is to the business. By eliminating passwords, many websites can remove a huge obstacle in the conversion process.
As we approach the holiday season and the end of the year, all e-commerce websites wish to maximize monetization of their peak traffic. This is done by improving the conversion rate and competitive advantage. Websites that implement the passkeys solution see amazing improvements in their user drop-off rate. Some have reported increases in revenue of over 20%. Just by eliminating passwords!
It makes sense. Customers need not worry about forgetting passwords, or inventing one when registering. By simplifying the registration and login procedures, with only a few clicks instead of entering passwords and validating them, you enable customers to complete their purchases much faster, with fewer steps to discourage them.
Passwordless login with Face ID or fingerprint authentication will be a standard for websites in the near future. Business leaders who adopt it early, will benefit not only from a better user experience but also a dramatic improvement in security and an increase in identified users.
See how it looks: