Passkeys - Remove passwords for web and application authentication

stealth

Passkeys are a welcome solution for anyone who is stressed by having to remember passwords for websites, online stores and applications. It is Apple's new security and privacy feature for iPhone, iPad and Mac.

With the introduction of the new operating systems macOS Ventura, iOS 16, iPadOS 16 and watchOS 9, Apple also presented a new security system, passkeys, for authentication on websites, in applications and on devices.

Apple device security - PIN and biometric data

Before we talk about the future, let's take a look at the past and the present, observing the steps taken by Apple in the field of security.

Touch ID – Fingerprint reader

In September 2013, Apple presented the first iPhone capable of reading the user's biometric data with great accuracy, with the introduction of Touch ID on the iPhone 5S. It is the iPhone's "Home" button that allows us to unlock the iPhone with a fingerprint instead of the PIN code or unlock password.

Touch ID has been integrated into many applications that involve accessing personal accounts, and into banking applications, where the fingerprint is required to authenticate in the application and to authorize the transfer of money to other accounts.

A few years later, Touch ID appeared on MacBook models, where it is used for authentication on websites and in applications. It works closely with Keychain Access: credentials are entered automatically after biometric authentication.

Touch ID MacBook Pro

After the release of Apple Pay in 2014, Touch ID became a validator for contactless payments. All the user has to do is open the electronic wallet (Wallet), select the bank card used for payment, then put a finger on the Touch ID reader.

Face ID – Facial identification

Face ID was released by Apple in November 2017 as the top feature of the iPhone X. Facial identification technology is a highly accurate biometric authentication measure. Face ID replaces Touch ID on all iPhone models without a "Home" button and on iPad Pro, iPad Air (new generations).

When we want to authenticate in an application on our mobile phone or make a contactless payment with Apple Pay, Face ID is required for identity validation. The same goes for unlocking the iPhone or iPad and for filling in passwords in Safari. Face ID also replaces the unlock code of the device. The PIN or the iPhone unlock password is requested only once, after turning on the device.

Face ID iPhone

Both Face ID and Touch ID are biometric authentication methods that supply the website or application with credentials (user and password) previously entered by the user. More precisely, when we log in to a website or an online store from Safari, the user and password must be stored in Keychain Access so that they can be filled into the login fields after biometric authentication. Keychain Access is Apple's credential manager, available on Mac, iPhone and iPad (limited on mobile devices).

Biometric authentication Apple Pay - Passkeys

Passkeys - Security and confidentiality without passwords

Apple is about to take a huge step in terms of authentication systems. Passkeys involves removing passwords and replacing them with the device unlock code, plus biometric authentication.

For users, this means great relief. There will be no need to remember passwords when we want to authenticate on a site or in an application that requires an account. Moreover, there will be no need for token applications (verification codes) for two-factor authentication, such as Google Authenticator or 2FA Authenticator.

Passkeys will use public key credentials from iCloud Keychain, after biometric authentication with Face ID or Touch ID. After the identity is confirmed, Passkeys will generate passwords for the applications we need to authenticate to.

Currently, authentication on a website from an iPhone or iPad is done with "something we know" (user and password) and "something we need to know" (a unique code generated by two-factor authentication applications).
In the future, with Passkeys, the iPhone will become the authentication device, with "something we know" (the iPhone or iPad unlock code) and "something we have" (the biometric data that will be read with Touch ID or Face ID).

For each account created on a service, the device will generate unique public and private keys. The service (website or application) will retain the private key and will share with the server the public key.

Security keys (Passkeys) are protected from any computer attack on the service or website we authenticate to. They will not be stored on the web server we authenticate to or in the application that uses Passkeys, but will be kept encrypted on Apple's servers in iCloud. This eliminates the risk of our personal data, including usernames and passwords on a site, falling into the hands of attackers. They will not find our credentials there, even if the website database is breached.
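The per-account key pair described above, as an added example that is not from the original article or from Apple: a Node.js simulation of the WebAuthn-style flow that passkeys are built on, in which the device keeps each private key and the website stores only the public key. The class names, the user and the example origins are assumptions made for the illustration.

```javascript
// Added example: passkey-style registration and login simulated with Node's built-in crypto.
// Authenticator, RelyingParty, 'alice' and the example origins are hypothetical names.
const { generateKeyPairSync, sign, verify, randomBytes } = require('node:crypto');

class Authenticator { // stands in for the phone or Mac that holds the passkeys
  constructor() { this.keys = new Map(); } // origin -> private key, never exported
  register(origin) { // a fresh key pair for every service
    const { publicKey, privateKey } = generateKeyPairSync('ec', { namedCurve: 'prime256v1' });
    this.keys.set(origin, privateKey);
    return publicKey.export({ type: 'spki', format: 'pem' }); // only this leaves the device
  }
  signChallenge(origin, challenge) {
    const clientData = JSON.stringify({ origin, challenge });
    return { clientData, signature: sign('sha256', Buffer.from(clientData), this.keys.get(origin)) };
  }
}

class RelyingParty { // the website's server
  constructor(origin) { this.origin = origin; this.db = new Map(); this.pending = new Map(); }
  enroll(user, publicKeyPem) { this.db.set(user, publicKeyPem); }
  newChallenge(user) {
    const challenge = randomBytes(32).toString('hex');
    this.pending.set(user, challenge);
    return challenge;
  }
  login(user, { clientData, signature }) {
    const expected = this.pending.get(user);
    this.pending.delete(user); // each challenge is accepted once
    const { origin, challenge } = JSON.parse(clientData);
    if (!expected || origin !== this.origin || challenge !== expected) return false;
    return verify('sha256', Buffer.from(clientData), this.db.get(user), signature);
  }
}

function runDemo() {
  const device = new Authenticator(), otherDevice = new Authenticator();
  const shop = new RelyingParty('https://shop.example');
  shop.enroll('alice', device.register(shop.origin));
  const first = device.signChallenge(shop.origin, shop.newChallenge('alice'));
  const loginOk = shop.login('alice', first);
  const replayOk = shop.login('alice', first); // challenge already consumed
  otherDevice.register(shop.origin); // a device whose key was never enrolled for alice
  const wrongKeyOk = shop.login('alice', otherDevice.signChallenge(shop.origin, shop.newChallenge('alice')));
  const serverStoresOnlyPublic = [...shop.db.values()].every(
    (pem) => pem.includes('BEGIN PUBLIC KEY') && !pem.includes('PRIVATE'));
  const perServiceKeys = device.register('https://bank.example') !== shop.db.get('alice');
  return { loginOk, replayOk, wrongKeyOk, serverStoresOnlyPublic, perServiceKeys };
}

console.log(runDemo());
```

Everything the server holds in `db` is public-key material, so a copy of that database is not enough to answer a fresh challenge.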

Passkeys will end-to-end encrypt all access keys in iCloud Keychain and make them available on all your devices.

It is important to know that once the new Passkeys feature is implemented and the iPhone practically becomes your access key to websites and applications, the password used to unlock the device must be a strong one.
