Faster, easier, and more secure customer logins with passkeys in Okta

Easily add passkeys as a sign-in method for stronger security and better user experience with the Customer Identity Cloud

Today, we’re excited to announce that passkeys will be available as an authentication method in the Okta Customer Identity Cloud as an Early Access feature for all customers on all plans.

Passkeys are discoverable FIDO credentials used for passwordless authentication and provide consumers with faster, easier, and more secure login experiences across all their devices. They’ve garnered widespread industry support from prominent technology companies like Apple, Google, and Microsoft as a phishing-resistant, viable alternative to passwords that also improves the user experience.

With passkeys in the Okta Customer Identity Cloud, application builders and digital teams can reduce login friction in minutes by allowing their customers to sign up for and sign in to their applications the same way they unlock their mobile devices. By eliminating the need to remember complex passwords, solve captchas, or deal with frustrating two-factor authentication (2FA) challenges, businesses can improve the user experience with phishing-resistant security that drives acquisition, retention, and loyalty. 

The new feature comes as an addition to our existing platform capabilities that give businesses a complete solution for Customer Identity spanning all aspects of authentication, authorization, user management, and Identity security. 

Balancing security and convenience is a priority — but passwords aren’t the answer 

Consumer businesses face a tough balancing act between building frictionless online experiences that drive conversion while ensuring the highest level of end-user security. Customer Identity is central to addressing this need, with 85% of global leaders recognizing its role in driving top and bottom-line growth for their organizations. Despite this acknowledgment, passwords remain the most common form of authentication online, even though they’ve been proven to be insecure and inconvenient.

Passwordless solutions like passkeys are one way organizations can protect their users while providing greater convenience to them.  

Build convenient login experiences your customers will love 

Convenience is a differentiator in today’s digital landscape — and it starts at the login box. 

Our recent Customer Identity Trends report found that 60% of consumers indicated they would be more likely to spend money when offered a frictionless login experience. Passkeys address this need by removing the inconvenience of passwords from the login flow. From account creation to login, customers can access an application or service in the same way they unlock their devices — with a fingerprint, face scan, or a device PIN. 

Additionally, passkeys enable you to provide a consistent digital experience for your customers because the same passkey can be used across multiple devices in the same ecosystem. Whether they’re accessing your application on a phone, laptop, or tablet — as long as they’re using a supported device from Apple, Google, or Microsoft — their passkey can sync across devices to be used where they need it.

Maintain trust with phishing-resistant security  

In the past year, phishing attacks rose by 61%, making them one of the most popular social engineering attacks. By maliciously coaxing consumers to fork over their credentials, bad actors can prey on the established trust businesses have with their users. 

Fortunately, we’re starting to see a shift amongst many consumers where security is top of mind for them and, arguably, something they’ve come to expect from the businesses they engage with online. The challenge is finding a solution they are willing to adopt that also reduces risk. 

While traditional forms of two-factor authentication (2FA) can improve security, they come at the cost of introducing friction to users, which, as discussed above, can negatively impact the customer experience. Not to mention the expense of managing SMS-based 2FA programs or the recent rise in MFA bypass attacks.

On the other hand, passkeys use the WebAuthn standard, which relies on public-key cryptography rather than traditional passwords. As a result, they’re more phishing-resistant, with no shared secret that can be exposed or stolen, making them significantly more secure for you, your company, and your customers.
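The public-key check described above, as an added example that is not part of the original post and not Okta's code: a simplified Node.js relying-party verification of a WebAuthn-style assertion, showing that the server holds only a public key and that a response produced on a look-alike domain is rejected. The domain names, the simulated authenticator and the helper names (`signAssertion`, `verifyAssertion`, `demo`) are assumptions for illustration; credential lookup, COSE key parsing and attestation are omitted.

```javascript
const crypto = require('node:crypto');

const RP_ID = 'shop.example';            // constructed relying-party ID
const ORIGIN = 'https://shop.example';   // constructed expected origin
const sha256 = (b) => crypto.createHash('sha256').update(b).digest();

// Registration: the private key stays on the user's device. The server
// stores only the public key, so it holds no secret that can be stolen.
const { publicKey, privateKey } = crypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });

// Simulated browser + authenticator. The browser, not the page, fills in the
// origin. A real authenticator would not even offer this credential on another
// domain; here it signs anyway to model the worst case.
function signAssertion(challenge, pageOrigin) {
  const clientDataJSON = Buffer.from(JSON.stringify({
    type: 'webauthn.get',
    challenge: challenge.toString('base64url'),
    origin: pageOrigin,
  }));
  // authenticatorData: rpIdHash (32 bytes) | flags (1 byte) | signCount (4 bytes)
  const rpIdHash = sha256(new URL(pageOrigin).hostname);
  const authData = Buffer.concat([rpIdHash, Buffer.from([0x05]), Buffer.alloc(4)]);
  const signed = Buffer.concat([authData, sha256(clientDataJSON)]);
  return { clientDataJSON, authData, signature: crypto.sign('sha256', signed, privateKey) };
}

// Relying-party side: every check must pass before the user is signed in.
function verifyAssertion(a, expectedChallenge) {
  const c = JSON.parse(a.clientDataJSON.toString('utf8'));
  if (c.type !== 'webauthn.get') return 'bad type';
  if (c.challenge !== expectedChallenge.toString('base64url')) return 'bad challenge';
  if (c.origin !== ORIGIN) return 'bad origin';
  if (!a.authData.subarray(0, 32).equals(sha256(RP_ID))) return 'bad rpIdHash';
  if ((a.authData[32] & 0x01) === 0) return 'user not present';
  const signed = Buffer.concat([a.authData, sha256(a.clientDataJSON)]);
  return crypto.verify('sha256', signed, publicKey, a.signature) ? 'ok' : 'bad signature';
}

function demo() {
  const challenge = crypto.randomBytes(32); // fresh per login attempt
  return {
    genuine: verifyAssertion(signAssertion(challenge, ORIGIN), challenge),
    // Constructed look-alike domain: the signed data names the wrong origin.
    phished: verifyAssertion(signAssertion(challenge, 'https://shop-example.test'), challenge),
    // A response captured for an earlier challenge cannot be replayed.
    replayed: verifyAssertion(signAssertion(challenge, ORIGIN), crypto.randomBytes(32)),
  };
}
```

Because the origin and RP ID hash are covered by the signature, rewriting them after the fact to pass the string checks makes the signature check fail instead.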

Looking ahead 

We’ll only achieve a passwordless world if developers have the tools to build one efficiently. Currently, nearly 20% of businesses using the Customer Identity Cloud are actively using a form of passwordless authentication, and we’re confident that by allowing them to offer passkeys as an authentication method from our platform for their applications, we’ll be able to drive further adoption towards a passwordless future.

At the same time, though passkeys are an exciting new development in our industry that we’re keen on supporting, our goal is to continue to support a broader set of requirements that help businesses know, protect, and delight their users through Identity. This means providing a comprehensive platform that enables developers to quickly incorporate core authentication, authorization, and user management capabilities to address their organizations' and end-users’ evolving needs. 

Learn more about implementing passkeys into your application using the Okta Customer Identity Cloud by visiting our documentation here.