Amazon has discreetly rolled out passkey support as part of its commitment to a passwordless future. This allows users to log in using biometric authentication on their devices, such as fingerprint or face scans. Although this new feature adds a layer of security by making it challenging for hackers to gain remote access to users’ accounts, it has certain limitations.
Amazon has embraced passkeys in pursuit of enhanced security, but only with a few hitches.
Limited Support and Redundant Authentication
Amazon’s implementation has been criticized despite the potential benefits of incorporating passkeys. Vincent Delitz, co-founder of the German tech startup Corbado, who first chronicled the arrival of passkey support on Amazon, pointed out that there is currently no passkey support in Amazon’s native apps, such as the shopping app or Prime Video. This means users still have to sign in using a password.
Additionally, if you have set up a passkey but previously enabled two-factor authentication (2FA), Amazon will still prompt you to enter a one-time verification code when logging in. Delitz described this as “redundant,” given that the purpose of passkeys is to remove the need for 2FA, as they are stored on your device.
Amazon has stated on its website that users will still need to verify a one-time code after signing in with the passkey, but it does not explain this requirement. Whether the need for 2FA codes is a temporary feature or whether Amazon plans to extend passkey support to its mobile apps remains to be seen. Furthermore, whether passkey support is available to all Amazon users is still being determined. However, it has been confirmed that the feature is accessible in the U.S., the U.K., France, and Germany.
Embracing the Passwordless Future
The implementation of passkeys by Amazon comes at a time when other tech giants are also embracing this security measure. WhatsApp has recently announced that it’s rolling out support for passkeys to all Android users, and Google has stated plans to make passkeys the default sign-in method for all Google Account holders. Other platforms such as GitHub, Windows 11, TikTok, and 1Password have also implemented support for passkeys.
The move towards a passwordless future is a crucial step in enhancing digital security. It reduces the risk of password-related breaches and strengthens user account protection. Despite the initial hitches, Amazon’s move to support passkeys is a significant step in the right direction. It signals a broader trend in the tech industry towards more robust and user-friendly security measures.