Amazon Quietly Wades Into the Passkey Waters

  /     /     /  
Publicated : 23/11/2024   Category : security


Amazon Quietly Wades Into the Passkey Waters


The move by the e-commerce kahuna to offer advanced authentication to its 300+ million users has the potential to move the needle on the technologys adoption, security experts say.



Amazon has silently rolled out passkeys for shoppers and streamers, following other tech giants like Google and
Microsoft
into the next-gen cloud authentication fray.
The concept of passkeys is familiar to most users, thanks to FaceID and TouchID for Apple devices, digital fingerprint scanners on laptops, screen-lock PINs, and other forms of passwordless unlocking mechanisms for hardware devices. In recent months, that same concept has made its way to cloud services, websites, and apps, with everyone from Uber to OnlyFans allowing users to sign into their cloud-based accounts using the same device-based technology.
Enterprises are also eyeing passkeys
for internal use.
Corbado co-founder Vincent Delitz first noticed and publicized the addition for Amazon users, noting that, given Amazons vast user base, this rollout is set to familiarize a large segment of non-tech-savvy users with the benefits of passkeys. The ease of use might convince these users to demand passkeys from other online platforms as well.
However, he did flag a few
glitches with Amazons passkey implementation
, including the odd choice not to include passkey support for Amazon native mobile apps (that goes for the e-commerce app as well as Prime Video); the need to configure separate passkeys for each country or top-level domain; not including passkey autofill; device management challenges; and other quibbles. Amazon did not immediately return a request for comment from Dark Reading on the matter.
Still, the rollout — along with Googles announcement last week that it will
make passkeys its default sign-in mechanism
— greatly amplifies the drumbeat, for once and for all, to move beyond passwords and even basic forms of two-factor authentication, such as SMS-based, one-time codes. Eduardo Azanza, CEO at Veridas, sees nothing but security upside in the development.
Biometrics are tied to a users physical characteristics and therefore cannot be compromised as easily by cybercriminals. And, security teams are able to quickly detect instances of fraud, identity theft and spoofing, he said in emailed comments. The roll-out of passkeys by Amazon is a strong message that the big tech firms know that it is time to end the password.
He added, [We are] shifting the paradigm away from the presumption of what we know or what we have, which is how passwords have worked so far, to who we are: people with unique qualities that cannot be duplicated.

Last News

▸ Beware EMV may not fully protect against skilled thieves. ◂
Discovered: 23/12/2024
Category: security

▸ Hack Your Hotel Room ◂
Discovered: 23/12/2024
Category: security

▸ Website hacks happened during World Cup final. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Amazon Quietly Wades Into the Passkey Waters