?? Unlocking the Mystery of Passkeys: Why Aren't They Taking Off? ??

?? Dearest Reader,

I hope everyone is enjoying their summer with warm ?? days, lots of sun, and working on their tan. San Francisco this year has been a cool 60-something and very foggy ?? of late. So, I’ve spent the last week mostly pursuing my other summertime hobby: downloading the latest version of iOS.

?? iOS 18 comes with a new Passwords management app, which caught my eye because, of course, the app goes into the first available slot on my home screen. Smart move by the Apple Product Team, but as a consumer, I'm not a fan. So I figured I would open up the app. What caught my eye was the 108 security concerns. ?? (Yes, I know I need to do a better job coming up with stronger passwords, but I struggle to save and recall them, which leads me to constantly resetting passwords. In my defense, I have better things to spend brain power on than passwords! ??)

What caught my eye in the Passwords App was that I only have nine Passkeys, which seemed surprisingly low because I like trying out things that make my life easier. (Shout out to my former team at Everi and especially Hannah Finch for having the Everi Holdings Mobile App be one of those nine.) It made me wonder, where do we stand on Passkey adoption among the product community?

First, what are Passkeys even? I like this definition from a The Keyword Article on the exact topic, "A passkey is a FIDO credential stored on your computer or phone, and it is used to unlock your online accounts. The passkey makes signing in more secure. It works using public key cryptography and proof that you own the credential is only shown to your online account when you unlock your phone." ????

So what is holding back passkey adoption? Removing login friction has paid dividends for my products' KPIs over the years. Google last year highlighted that passkey users achieve a 4x login success rate versus those using a password AND they authenticate in half the time. So then, why aren’t Passkeys taking off? ?? Wouldn’t increasing active users and reducing support costs for account recovery issues be two objectives product managers should focus on? When we add in reducing the risks to user data from hacks and phishing attempts, passkeys should be a top item in every backlog. What is holding Passkeys from that position? ??

In this author’s opinion:

1?? Early Stage Technology: Passkeys are still in their early stages of adoption. As a result, product managers might be hesitant to advocate for a technology that is not yet widely available. After all, they have to work across their entire organization to educate and get buy-in from engineering, operations, security, compliance, and of course product leadership. ????

2?? Integration Challenges: Implementing passkeys may require significant changes to the product's authentication system, which could be time-consuming and resource-intensive. Resolving these challenges could outweigh the benefits of passkeys. ???

3?? Security, Regulatory, and Operational Concerns: This might be the biggest challenge product managers would face in assessing passkeys. Sectors like banking, while wanting to reduce user friction, need to think through access management and how they can control the authentication of their users. Other questions, including regulatory concerns, appear to still be left unresolved. Last, but definitely not least, how to operationalize passkeys and make sure a product's support processes can handle them have to be decided. ????

While these points can be overcome with enough time and resources, PMs will need to look at the authentication improvements relative to the cost to build and launch this feature. ????

So, who among us is pursuing passkeys? A year from now, I would love to see my passkey count be so much higher, but what's realistic? We shall see. ??

And before I forget a Dad joke:

???? Why did the passkey go to therapy? Because it had trouble opening up! ????

#Passkeys #Authentication #ProductManagement #TechTrends #SecureSignin #ProductDevelopment

?? Unlock the future! ??