Vratislav Holub At the WWDC 2022 developer conference, Apple showed us new operating systems that received interesting security improvements. Apparently, Apple wants to say goodbye to traditional passwords and thus take security to a whole new level, which is to be helped by a new product called Passkeys. Passkeys are supposed to be significantly more secure than passwords, and at the same time prevent a variety of attacks, including phishing, malware, and more.
It could be interest you
As we mentioned above, according to Apple, the use of Passkeys is supposed to be significantly safer and easier compared to standard passwords. The Cupertino giant explains this principle quite simply. The novelty specifically uses the WebAuthn standard, where it specifically uses a pair of cryptographic keys for each web page, or for each user account. There are actually two keys – one public, which is stored on the other party's server, and the other private, which is stored in a secure form on the device and for its access, it is necessary to prove Face/Touch ID biometric authentication. The keys must match and work with each other to approve logins and other operations. However, since the private one is stored only on the user's device, it cannot be guessed, stolen or otherwise misused. This is precisely where the magic of Passkeys lies and the highest potential of the function itself.
Connecting to iCloud
An important role in the deployment of Passkeys is to be played by iCloud, i.e. the native Keychain on iCloud. The aforementioned keys must be synchronized with all the user's Apple devices in order to be able to use the function at all practically without restrictions. Thanks to secure synchronization with end-to-end encryption, it shouldn't be the slightest problem to use the new product on both iPhone and Mac. At the same time, the connection solves another potential problem. If a private key were to be lost/deleted, the user would lose access to the given service. For this reason, Apple will add a special function to the aforementioned Keychain to restore them. There will also be an option to set a recovery contact.
Passkeys in practice
At first glance, the principles of Passkeys may seem complicated. Fortunately, the situation in practice is different and this approach is therefore extremely easy to use. When registering, all you have to do is put your finger (Touch ID) or scan your face (Face ID), which will generate the aforementioned keys. These are then verified at each subsequent login through the aforementioned biometric authentication. This approach is thus significantly faster and more pleasant - we can simply use our finger or our face.
Passkeys on other platforms
Of course, it is also important that Passkeys can be used on other than just Apple platforms. Apparently we don't have to worry about that at all. Apple cooperates with the FIDO Alliance association, which focuses on the development and support of authentication standards, thereby wanting to reduce the worldwide dependence on passwords. Practically, it is coining the same idea as Passkeys. The Cupertino giant is therefore specifically in contact with Google and Microsoft to ensure support for this news on other platforms as well.
It could be interest you
Adam Kos 