Google rolls out Passkeys for Android and Chrome

SAN FRANCISCO: Tech giant Google has announced the rollout of Passkey support on Android and Chrome for better security.

Access keys are a more secure alternative to passwords and other phishable forms of authentication.

“They can’t be reused, don’t leak server vulnerabilities, and protect users from phishing attacks,” the company said in a blog post late Wednesday.

“Security keys are based on industry standards and work across different operating systems and browser ecosystems, and can be used for both websites and apps,” he added.

Passkeys follow user experience (UX) patterns and build on the existing password autofill experience.

To avoid lockouts in the event of lost device, passkeys on users’ phones and PCs are stored and synced via the cloud.

Users can also log into apps and websites on other nearby devices using keys stored on their phone.

The key enables two key features: On Android devices, users can generate and use passkeys that are securely synced through the Google Password Manager.

Using the ‘WebAuthn API’, developers can add Passkey support to their websites for end users using Chrome, Android, and other supported platforms.

Developers can use Chrome Canary and sign up for the Google Play Services beta to test it now. Later this year, both features will be generally accessible through stable channels, the company said.

Applications associated with the same domain will easily accept security keys generated through Web API and vice versa.

The passkeys work across multiple systems and browsers, including Windows, macOS and iOS, and ChromeOS, with a consistent user experience because they’re based on industry standards, the company said.