In a subtle but significant stride towards a passwordless future, Amazon has discreetly unveiled support for passkeys. This innovation allows users to log in using biometric authentication, such as fingerprint or facial recognition, making it considerably more challenging for unauthorized individuals to access their accounts. But before you bid farewell to your Amazon password, there's a catch.
The option to establish a passkey is now available on Amazon's website. It empowers users to harness the power of biometrics to secure their accounts. This means that not only must someone have your password, but they also need physical access to your device. It's a formidable security barrier that guards against remote access attempts.
However, Amazon's implementation of passkeys comes with its set of quirks, as pointed out by Vincent Delitz, co-founder of German tech startup Corbado, who first spotted this new feature. Notably, Amazon's native apps, including the shopping app and Prime Video, do not currently support passkeys. This means that, for now, you'll still require a password to log in using these apps.
Furthermore, if you've set up a passkey but have previously enabled two-factor authentication (2FA), Amazon will still prompt you to enter a one-time verification code when logging in. This appears somewhat redundant, considering that passkeys are designed to eliminate the need for 2FA since they are stored on your device.
Amazon's website states, "You will still need to verify a one-time code after signing in with the passkey," without providing a clear explanation for this requirement.
It remains uncertain whether the necessity for 2FA codes is a temporary measure or if Amazon plans to extend passkey support to its mobile apps. Additionally, it's unclear if passkey support is accessible to all Amazon users. However, it has been confirmed that the feature is available in the U.S., U.K., France, and Germany.
When asked for further details, Amazon spokesperson Adam Montgomery chose not to provide answers but stated that Amazon is "in the early stages of adding Passkey support for Amazon.com to give customers another secure way to access their accounts. We will have more to share soon."
This introduction of passkeys on Amazon coincides with WhatsApp's announcement of rolling out passkey support to all Android users. It follows Google's recent declaration of making passkeys the default sign-in method for all Google Account holders. Notably, other platforms such as GitHub, Windows 11, TikTok, and 1Password have also embraced passkeys, marking a collective shift towards heightened online security.