FIDO Alliance Proposes Secure Passkey Transfer Protocol for Enhanced Interoperability and Security

FIDO Alliance Proposes Secure Passkey Transfer Protocol for Enhanced Interoperability and Security

The FIDO Alliance has proposed a new protocol aimed at simplifying the transfer of passkeys across different platforms. This initiative is part of the alliance’s efforts to enhance credential provider interoperability and improve the adoption of passkey technology.

The new protocol, which includes specifications for the Credential Exchange Protocol (CXP) and Credential Exchange Format (CXF), aims to standardize the process of transferring credentials such as passwords and passkeys between different providers. This ensures that transfers are secure and not made in the clear, enhancing overall data privacy and security.

The FIDO Alliance, which includes prominent members like Apple, Google, Microsoft, 1Password, Bitwarden, Dashlane, Enpass, NordPass, Okta, Samsung, and SK Telecom, has emphasized the importance of secure credential exchange in accelerating passkey adoption and improving user experience.

Sign-ins with passkeys have been shown to reduce phishing attacks and eliminate credential reuse, making them up to 75% faster and 20% more successful than traditional password-based sign-ins or those using a second factor like SMS OTP.

The development comes as Amazon revealed that over 175 million customers have enabled passkeys on their accounts, nearly a year after the initial rollout. This widespread adoption underscores the growing commitment to passwordless security solutions.

Andrew Shikiar, CEO of the FIDO Alliance, noted that passkeys fundamentally shift the way users sign in to their online accounts, prioritizing security and user experience. The new protocol is designed to address the current limitation of passkeys being locked to specific operating systems or password manager services, thereby requiring users to create new passkeys for each device.

By standardizing the transfer of credentials, the FIDO Alliance aims to make passkey technology more accessible and user-friendly, further enhancing online security and reducing the risk of data breaches.


Discover more from Altralto

Subscribe to get the latest posts sent to your email.

Be the first to comment

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.