Passkeys Compatibility: Which Platforms Support Passkeys?
Apple previewed iOS 16, which will be released in September 2022, during its developer conference. One fascinating feature of iOS 16 is Passkeys, which are digital credentials that can potentially eliminate passwords once and for all.
Passkeys is a marketing term for “multi-device FIDO credentials.” It allows users to create a credential (encryption key) on a device to sign up for a service, such as an e-commerce site. The encryption key is also backed up to the user’s Google Account or Apple ID to be used on another device.
It is very similar to how one would use password managers today to securely sign up and log in to a website, which is far more secure as the server only has a public key instead of a password.
Aside from Apple, Google also announced that they would bring support for passkeys to Android towards the end of 2022. As Google, Microsoft and Apple committed to support Passkeys and to eliminate passwords together, it’s the first time that we have a promising technology that not only is capable of eliminating passwords but is also easy to use and compatible with major platforms.
So besides iOS 16, how far are we from adopting Passkeys and eliminating Passwords? This article will look into the current compatibility state and supports of Safari (iOS), Chrome (Android, Google), and Firefox.
Compatibility of WebAuthn
Passkey relies on WebAuthn, a protocol that supports the use of Authenticator. An authenticator is something that can store a credential. There are 2 kinds of authenticators, namely platform authenticators and cross-platform authenticators. A platform authenticator (e.g., browsers) resides on the device, while a cross-platform authenticator (e.g., security keys like Yubikeys) can be attached to devices.
So why do we still need Passkeys support if we got WebAuthn already?
Because without Passkeys, a credential only lives on the same device (e.g., for Safari, credentials will be cleared along with the browsing history), which can be quite inconvenient for end-users. You can’t log in to another platform (e.g. if your credential is created from iOS Safari, you can’t transfer it to Android for logging in to the same site).
According to caniuse.com, WebAuthn is supported by all the latest major browsers. This means you can use the WebAuthn API without running into compatibility issues if you are only targeting modern browsers.
Compatibility of Passkeys
iOS 16 will be the first platform that supports Passkeys. Credentials could be stored in iCloud Keychain (or other services) and can be synced across devices.
Passkey could also let you sign in to another device running another platform without the credential leaving the original device. When users want to sign in on a new device, they could simply use the device with the credential to scan a QR code generated on the target device. Technically, it is supported by FIDO2 CTAP2.
Passkey-supported browsers would also show an autofill prompt when you visit a login screen, which allows the end-user to select one of the credentials and then log in instantly. This feature depends on Client-side discoverable credential and Conditional mediation.
Conclusion
The upcoming iOS 16 with Safari 16 delivers the best support for passkeys. The passkeys on iOS 16 are syncing via iCloud Keychain, and it is also usable on an Android phone via QR code and supports autofill to sign the end-user in instantly. Passkeys support from other vendors is expected to come by the end of 2022. We are looking forward to a future without passwords!
