After introducing passkeys for iOS back in November, PayPal is now expanding access to passkey logins for Android users in the US. Now, with the help of passkeys, Android users can access websites and services without having to type in usernames and passwords. This move aligns with other major tech brands like Google, Apple, and Microsoft that are promoting password-free login systems.
Initially, the rollout of this feature will begin on the PayPal website rather than its app, and users will need to run Chrome on Android 9 or higher to access passkeys. Additionally, users might also receive a notification asking if they want to create a passkey, which they can authenticate using their phone’s biometric system or passcode once the feature is available.
To activate passkeys for PayPal on Android, eligible users need to visit the PayPal website and log in traditionally with a password. After logging in, the option to “create a passkey” will appear, and PayPal will prompt users to verify their identity using the biometrics on their smartphones. After completing the setup, users will no longer have to type in their password to quickly check out purchases.
So, what exactly are passkeys?
Developed in line with the FIDO authentication standards, passkeys are a form of authentication technology that creates two cryptographic keys, one public and one private, associated with the user’s account.
Therefore, when a user uses an app like PayPal that supports passkeys, it uses the public key to confirm a person’s identity by matching it to the private key. This process provides stronger security, as passkeys are resistant to phishing, and since one of the key pairs is stored on the user’s device, people’s login information is safe even in the case of a data breach.
Despite major brands promoting passkeys as the key to a passwordless future, they are still relatively rare. 1Password maintains a list of sites and services that support passkeys, with only 38 entries listed. Therefore, even if more sites start supporting passkeys, it’s still a long way before we eliminate the use of passwords.