Guidelines for Enhanced Passkey User Experience: FIDO Alliance Paves the Way for Seamless Authentication
The FIDO Alliance has published a new set of user experience (UX) guidelines aimed at promoting the widespread implementation and adoption of passkeys. These guidelines, titled “FIDO Alliance UX Guidelines for Passkey Creation and Sign-ins,” are designed to assist online service providers in creating a more seamless and consistent user experience when utilizing passkeys for authentication. The guidelines can be accessed at https://fidoalliance.org/ux-guidelines/.
Passkeys, which adhere to FIDO standards, serve as a secure alternative to traditional passwords, offering users faster and easier sign-in experiences across various websites and applications on their devices. While passkeys are significantly more user-friendly and secure than passwords or traditional two-factor authentication methods, the research conducted for these guidelines revealed that passkey sign-ins present distinct user journeys that service providers must consider when implementing passkey support. The FIDO Alliance UX Guidelines provide evidence-based best practices for crucial steps in the user journey, covering both passkey creation and sign-in processes.
“As companies around the world accelerate their move toward passwordless authentication based on FIDO standards, the topic of user experience has risen to the forefront,” said Andrew Shikiar, executive director and CMO of the FIDO Alliance. “Passkeys uniquely can provide a phishing-resistant sign-in as well as a superior user experience which can drive top-line growth by enabling more seamless access to online services and engendering stronger brand affinity. We encourage online service providers to use these guidelines in their journey to rolling out passkeys to ensure a consistent, thoughtful, and simple user experience for their users.”
Passkeys are supported on a wide range of consumer devices. Leading technology companies such as Apple and Google have prepared their operating systems to enable passkey sign-ins that synchronize across devices. Windows 10 and 11 have long supported device-bound passkeys through Windows Hello, and passkeys from iOS or Android devices can also be used to sign into websites on Chrome or Edge browsers running on Windows.
Several prominent service providers, including Google, PayPal, Yahoo! Japan, NTT DOCOMO, CVS Health, Shopify, Hyatt, Instacart, Robinhood, Mercari, and Kayak, are already offering passkey sign-ins to their customers, underscoring the growing adoption of this authentication method.
“When it comes to providing passkeys to consumers, technical implementation is only one piece of the puzzle,” said Kevin Goldman, chair of the FIDO Alliance UX Working Group and Chief Experience Officer at Trusona. “Simply put, the UX is a critical component in helping consumers adopt passkeys as a password replacement. These guidelines are a carefully researched set of best practices that will help online service providers design a better, more consistent user experience when signing in with passkeys and ultimately maximize adoption.”
The FIDO Alliance UX Working Group, in collaboration with usability research firm Blink UX, developed these guidelines. The project received additional support from underwriters including 1Password, Google, Trusona, and US Bank. This collective effort involved conducting formal research on FIDO user journeys and actively engaging with stakeholders in the FIDO Alliance to establish the recommended UX best practices outlined in the guidelines.
The publication of the FIDO Alliance UX Guidelines for Passkey Creation and Sign-ins marks a significant step towards driving the widespread implementation and adoption of passkeys as a secure alternative to traditional passwords. These guidelines serve as a valuable resource for online service providers, assisting them in creating a seamless and consistent user experience when utilizing passkeys for authentication.