October 16, 2024 at 09:07AM
Amazon reported that over 175 million customers now use passkeys for faster, passwordless sign-ins, enhancing security through cryptographic keys linked to biometric controls. The feature, initially introduced a year ago, is expanding to other services like AWS and Audible. The FIDO alliance has also announced a specification for portable passkeys.
**Meeting Takeaways:**
1. **Significant Adoption of Passkeys at Amazon:**
– Over **175 million customers** have enabled passkeys on their Amazon accounts.
– Passkeys allow users to sign in **six times faster** compared to traditional methods.
2. **Benefits of Passkeys:**
– Provide a **passwordless sign-in** experience, enhancing convenience and security.
– Utilize **biometric controls** or PINs alongside cryptographic keys for authentication.
3. **Technical Overview:**
– Passkeys consist of a **private key** stored securely on the user’s device and a **public key** shared with the online service.
– The authentication process involves a **cryptographic challenge** that the user validates using their PIN or biometric data.
4. **Security Advantages:**
– Passkeys are resistant to theft via data breaches, phishing attacks, or malware, making them a **safer authentication method** compared to traditional credentials.
5. **Accessibility for Customers:**
– Amazon customers can create passkeys through their **account settings**.
6. **Expansion to Other Services:**
– Amazon has successfully implemented passkeys not only for its main platform but also for **AWS and Audible**.
7. **Limitations of Current Passkeys:**
– Passkeys are **device-specific** and cannot be transferred between devices or password managers.
8. **New Developments from FIDO Alliance:**
– A new specification enabling the portability of passkeys across different platforms and password managers has been announced, potentially widening usability.