What is a cross-device passkey?
CDA (Cross-Device Authentication) allows users to use a passkey from one device for authentication on another, facilitating seamless access across diverse platforms. This innovative approach is underpinned by the FIDO Client-to-Authenticator Protocol (CTAP), which employs a "hybrid" transport mechanism. CTAP is integral to the CDA process, being implemented by authenticators and client platforms rather than relying on parties, ensuring a secure and efficient authentication experience.
Key Takeaways
-
CDA enhances user convenience by allowing the use of a passkey across different devices and platforms.
-
CDA is different from syncing passkeys across devices via cloud accounts.
-
It leverages FIDO's CTAP with a "hybrid" transport mechanism for secure authentication.
-
CDA makes use of QR codes scanning to pair devices and Bluetooth for proximity checks.
Can passkeys be used across platforms?
Passkeys have cross-device and cross-platform capability. They can be shared across platforms and devices via QR codes and Bluetooth. To use passkeys from another device, you need to have one of your registered devices nearby. The website/app on your new device will generate a QR code which can be scanned by the user’s phone before verifying it with Face ID or fingerprint to complete the authentication process on the new device.
Passkeys are also backed up securely in the iCloud Keychain and Google Password Manager. If you attempt to log in to the same account on your e.g. Mac, iPhone, and iPad – all you need is your Face ID or fingerprint to verify it’s you and access it.
Passkeys are not restricted to devices, browsers or operating systems from one company. Although they are anchored to one company's technology suite, users are able to e.g. bridge out of Apple's world to use passkeys with Microsoft's or Google's, e.g. "Users can sign in on a Google Chrome browser that's running on Microsoft Windows, using a passkey on an Apple device".ommended to consider the associated risks before proceeding.
Which kind of passkey supports the cross-device Function?
Passkeys created with iCloud Keychain
-
Verify directly on Mac, iPhone, iPad, and other Apple devices with the same Apple ID
-
Don't support Android devices
-
Other devices: Scan the QR code to log in.
Passkeys created by the current device (Your Chrome profile)
The passkey created by the current device will only be saved on this device.
Note:
Due to varying levels of passkey support across different versions of iOS, macOS, and Windows, as well as the complexity of Android devices, not all scenarios support cross-device usage of passkeys for login. If you encounter any errors, please contact us or switch to another verification method.