Passkeys

We are happy to announce that Peak now supports Passkeys for an improved user access experience!

Passkeys are a phishing-resistant alternative to traditional authentication factors (such as username/password) that offer an easier and more secure login experience to users. Passkeys are modeled from FIDO® W3C Web Authentication (WebAuthn) and Client to Authenticator Protocol (CTAP) specifications.

Passkeys reduce the friction experienced with single-device authentication methods by allowing credentials to sync across devices. Cross-device authentication eliminates the need for users to re-enroll on each of their devices. It also supports a more reliable recovery method as the stored credentials can survive the loss of an originating device. To learn more about passkeys, review the FIDO® Alliance Passkey FAQs or see Google’s explanation of their passkey rollout here.



User experience flows


Similar to traditional authentication factors, passkeys can support several of your workflows such as signup, login, and account recovery.



Signup flow


The signup flow requires the user to provide an email address, and then create a passkey on either their current device or another device through cross-device authentication.


  • Prompts the user to enter their email address.
  • User enters their email address.

Note: Identity services from Eave will only ever originate from a trusted eave.io domain like identity.eave.io above.



  • Prompts the user to create a passkey.


  • If the user selects Create a passkey, it triggers the browser (or operating system) flow to create a passkey. (Note this will differ visually based on the device and operating system you are using. An example from Android shown below.)



  • If the user selects Create a passkey, it triggers the browser (or operating system) flow to create a passkey.



  • If the user selects Continue, it prompts them to authenticate with their device’s credentials.

    (Note this will differ visually based on the device and operating system you are using. An example from iOS using Chrome is shown below.)



  • If the user selects Try another way, it prompts them to create a passkey on another device.




Login flow


The login flow detects if the user has a passkey registered to the current device and then automatically selects it using autofill. If the user has multiple passkeys registered to the device, they can manually select one with a button.



  • Now Peak prompts the user for an email address or a passkey.

  • User can use autofill or select Continue with a passkey.



More Information


Passkey support on Android and Chrome


For more information on OS support for Passkeys through android and Chrome please see this link:

https://developers.google.com/identity/passkeys/supported-environments



Use passkeys in Safari on iPhone


For more information on OS support for Passkeys through Safari and iOS please see this link:

https://support.apple.com/en-gb/guide/iphone

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.