The Process to Gradually Adopt Passkeys
Each roll-out strategy has five phases that are often repeated as your organization learns new information throughout the process. This strategy is designed to require the least amount of effort and time to deploy support for passkeys.
Identify needs
You can educate leaders and inspire teams to explore passkeys by documenting potential ways to improve the business by increasing sign-in rate, producing faster sign-in times, lowering cart abandonment, and reducing account takeover. The first step is to identify the needs of your organization and your end users and document them, as it is essential to document business needs when you implement a new authentication method.
To begin this process, document your organization's current authentication methods, use cases, costs, and performance metrics and then compare these with offering passkeys as a sign-in option. This will reveal user and business opportunities for the implementation of support for passkeys.
The Analysis of Inventory, Costs, and User Experience for Authentication Methods worksheet contains an authentication inventory, cost analysis, and user experience analysis. There are two tabs in the worksheet. One contains sample data and the other tab is blank. Use the blank tab to enter your own data.
⤓ Download the Excel file
passkey-worksheet-authentication-method-inventory-costs-and-user-experience-analysis.xlsx
Research and screen ideas
You can also research and screen ideas around the best way for your customers to rapidly adopt passkeys. One way to start is to learn from the challenges and successes that similar organizations encountered during their journey to implement support for passkeys.
To learn from other organizations, you can review case studies from companies such as Google, Kayak, and Dashlane. As you examine these case studies, compare the metrics and use cases they describe with the details in your sample worksheet.
The FIDO Alliance provides fourteen design patterns. For this guide, FIDO recommends that you use two of them:
These two patterns represent the most simple passkey deployment and it is helpful to read the details and watch the videos for both.
The Create, view, and manage passkeys pattern describes how to prompt people to create, view, and manage passkeys in their Account Settings. The Sign in with a passkey pattern describes the best practices for authenticating with a passkey.
Concept and prototype
To achieve the goals you identified in your vision to improve business metrics with passkeys, you will likely need to work backward to build a technology and product plan.
Implementation of support for passkeys requires you to add or update front-end and back-end components, this includes a FIDO server, and user experiences within your systems. There are many options to acquire these technology components.
Options include:
Use a CIAM provider
Ask your consumer identity and access management system (CIAM) provider for a passkey briefing. They might already have all the passkey technology and user experiences you need. If you do not have a CIAM provider, refer to the FIDO Certified Showcase for a list of providers.
Use an in-house team
Begin conversations with your in-house IT and user experience teams about passkey technology selection. Discuss the option to build the technology and user experiences in-house. Investigate a few of the many open source libraries and FIDO Certified servers available. Refer to Libraries for a list of open source libraries.
By design, this roll-out strategy allows a single team to create a proof of concept with no major dependencies on other departments for program management. For example, there is little to no deep collaboration needed with the risk and fraud departments, marketing departments, or departments in other regions of the world since this roll-out strategy applies to only a single region and a limited use case. Members of the team who create a proof of concept typically possess skills pertaining to technology architecture, software engineering, user experience, and product management.
To create a passkeys proof of concept that will identify the level of effort and schedule needed for initial launch, it is common for organizations to dedicate a sprint to the project or run a hackathon. The output of this work is only for employees and not shared with users. This process allows the team to resolve defects and work through nuances to prepare to educate people and move users toward passkey use. Your team can share the output of this work with executive stakeholders and resolve change requests. Following the Design Guidelines helps make the passkey experience simple and secure. Most organizations create multiple iterations of the proof of concept.
Build and test
The next step is to build a launch plan and begin testing the implementation. The following resources can help you accomplish the build and test process.
- Use the design patterns listed in Research and screen ideas.
- Refer to Customer Communications for more information on creating user-facing support materials for passkeys.
- Use FIDO's Figma UI Kits to understand the ecosystem of operating system and browser interfaces used in passkey experiences. There is another FIDO Alliance UI kit which includes all the sample website user interfaces for passkeys found in the Design Guidelines.
- As you work through the build and test phase, you will discover technology inconsistencies between browsers, operating systems, and credential managers. You will encounter barriers to some passkey use cases and discover unhappy paths in the user journey. To understand these challenges in advance, reference Troubleshooting before, during, and after this phase. The Troubleshooting section contains learnings and guidance from FIDO Alliance member companies from their implementation of support for passkeys and will save you time during your own implementation.
Release and optimize
This roll-out strategy requires a low level of effort to implement. The end user experience needed for the gradual roll-out strategy does not require you to interrupt the end user with requests to create a passkey. There is no call to action to learn about or create passkeys and there is no major marketing campaign to coordinate announcing support for passkeys. This is done by design to simplify the roll-out strategy.
To keep this roll-out strategy simple, you simply have a prompt to create passkeys in the user Account Settings. This is documented in detail in the Create, View, and Manage Passkey in Account Settings design pattern. Users who come across the prompt can choose to create a passkey. By design, this limits the number of passkeys users create and gives your organization time to methodically respond to any issues that arise and resolve them with minimal internal resources.
After release, consider optimizing your deployment by implementing additional passkey design patterns.
Continue to monitor metrics around passkey enrollment, passkey sign-in, and related data to help you determine the next steps to expand passkey usage and use cases. Use your Passkey Worksheet to track actual passkey data.
The Analysis of Inventory, Costs, and User Experience for Authentication Methods worksheet contains an authentication inventory, cost analysis, and user experience analysis. There are two tabs in the worksheet. One contains sample data and the other tab is blank. Use the blank tab to enter your own data.
⤓ Download the Excel file
passkey-worksheet-authentication-method-inventory-costs-and-user-experience-analysis.xlsx