Passkeys: Apple’s solution to end passwords

In line with the adoption of the FIDO standard for passwordless authentication, Apple recently unveiled its new feature called Passkeys. A biometric-based digital key system coming this fall with upcoming iOS 16, iPadOS 16, and macOS Ventura updates.

Are you also tired of having to create new passwords, always longer and always more complex, knowing full well that you will quickly forget them? Rejoice, this ordeal will be over soon! As we announced to you last May, digital giants Apple, Google and Microsoft have already joined forces to prepare us for a passwordless future. The three US companies, which alone run the world’s most important software and browsers (iOS, macOS, Android and Windows on the one hand, and Safari, Chrome and Edge on the other), have pledged to jointly support the new FIDO standard. A new online authentication standard, designed to be both more secure and simple, FIDO is an acronym for Quick ID Online (or “quick definition online” in French).

As a reminder, this new passwordless system plans to rely entirely on our precious smartphones. They are the people who will act as a kind of virtual key, communicating directly via encryption with websites or applications to allow access to our various online accounts. Even when we consult those from a computer, all we have to do is open our mobile device to connect, somewhat similar to what is already there with two-factor authentication, but faster and more secure. And now we know more about what the new FIDO standard has in store for us, and on paper it’s very promising, and Apple recently explained how this new system will work on its devices.

After giving its first glimpse at its traditional developer conference, WWDC 2022, the Apple brand had the opportunity to present its solution called Passkeys at the beginning of August, in an interview with Tom’s guide. More specifically, two Apple representatives (Kurt Night, Senior Director of Platform Product Marketing, and Darin Adler, Vice President of Internet Technologies) answered the specialist site’s questions about the new “access keys”. digital. Which we know will arrive next fall with updates to iOS 16 (for iPhone), iPadOS 16 (for iPad), and macOS Ventura (for Mac).

When Face ID and Touch ID chase passwords

First, Tom’s guide It claims in its report that Passkeys promises to be one of the most secure solutions out there. On the other hand, because it is a virtual key that is stored locally on the device, not on a server subject to hacker attacks. And on the other hand because it is completely impervious to phishing attempts, knowing that it will remain a secret even from the eyes of the user, who does not actually need to know to authenticate himself. Then, Apple representatives, without surprise, announced that it was the Apple brand’s biometric authentication systems that would ensure the proper functioning of passkeys. By unlocking the iPhone, via the Touch ID fingerprint reader or Face ID, we will access this set of virtual keys. So it would be virtually impossible for someone else to be able to access it.

With Passkeys, it will be possible to authenticate an account online simply by unlocking your iPhone. © Apple

While Passkeys work perfectly within the Apple ecosystem, communicating naturally from iPhone to iPad or Mac through encrypted end-to-end sync via iCloud Keychain, what devices aren’t an apple? Even if it’s counterintuitive in nature, the Cupertino company has clearly considered the possibility that we might need to connect to an online account on a device that hasn’t left its factories, and found a fairly simple solution to this “problem”: a QR code. Created on a Windows PC or Android tablet, the user will simply have to scan it on their iPhone or iPad, then authenticate themselves via Touch ID or Face ID to access the account on the other device.

So there’s Apple’s solution to a password-free future. That said, the Apple brand isn’t the only one that has embarked on this path, and there’s no doubt that Google will soon reveal its fast authentication system on Android. Of course, it will then be necessary to have some patience, the time everything is put in place, especially as the developers of sites and applications in turn adopt this new standard. But the good news is that technology is moving in the right direction.

Sources: Apple, Fonandroid, Tom’s Guide

Leave a Comment