The Process to Rapidly Adopt Passkeys
Each roll-out guide has five phases that are often repeated as your organization learns new information throughout the process. The strategy to rapidly adopt passkeys is designed to quickly reduce authentication costs while moving to an authentication approach aligned with global standards for phishing resistance and a simplified end user experience.
Identify needs
You can educate leaders and inspire teams to explore passkeys by documenting potential ways to improve the business: increasing sign-in rate, producing faster sign-in times, lowering cart abandonment, and reducing account takeover. The first step is to identify and document the needs of your organization and your end users, because documented business needs are essential when you implement a new authentication method.
To begin this process, document your organization's current authentication methods, use cases, costs, and performance metrics and then compare these with offering passkeys as a sign-in option. This will reveal user and business opportunities for the implementation of support for passkeys.
The Analysis of Inventory, Costs, and User Experience for Authentication Methods worksheet contains an authentication inventory, cost analysis, and user experience analysis. There are two tabs in the worksheet. One contains sample data and the other tab is blank. Use the blank tab to enter your own data.
⤓ Download the Excel file
passkey-worksheet-authentication-method-inventory-costs-and-user-experience-analysis.xlsx
Research and screen ideas
You can research and screen ideas around the best way for your customers to rapidly adopt passkeys. One way to start is to learn from the challenges and successes that similar organizations encountered during their journey to implement support for passkeys. You can review case studies from Google, Kayak, Dashlane, and other organizations. As you examine the case studies, compare the metrics and use cases they describe with the details in your sample worksheet.
The FIDO Alliance provides fourteen design patterns. For this guide, FIDO recommends that you implement one through four for launch and the remaining patterns after launch.
- Create, view, and manage passkeys in Account Settings
- Sign in
- New Account Creation with a Passkey
- Deprecate SMS OTP
Concept and prototype
After you document your vision to improve business metrics with passkeys, you will likely work backward to build a technology and product plan to achieve these goals.
Implementation of support for passkeys requires that you add or update front-end and back-end components, including a FIDO Certified server, and user experiences within your systems. There are many options to acquire these technology components.
The technology acquisition options include:
Option one
Ask your consumer identity and access management system (CIAM) provider for a passkey briefing. They might already have all the passkey technology and user experiences you need. If you do not have a CIAM provider, refer to the FIDO Certified Showcase for a list of providers.
Option two
Begin conversations with your in-house IT and user experience teams about passkey technology selection. Discuss the option to build the technology and user experiences in-house. Investigate open source libraries and FIDO Certified servers that are available in the market. Refer to Libraries for a list of open source code libraries.
Follow a similar collaborative process with your organization's marketing and customer support departments. Because this roll-out strategy is designed to rapidly migrate existing end users to passkeys, you will need to coordinate with these departments on the marketing campaigns and support materials that accompany the initial launch of passkeys.
To create a passkeys proof of concept that will identify the level of effort and schedule needed for initial launch, it is common for organizations to dedicate a sprint to the project or run a hackathon. The output of this work is only for employees and not shared with users. This process allows the team to resolve defects and work through nuances to prepare to educate people and move users toward passkey use. Your team can share the output of this work with executive stakeholders and resolve change requests. Following the Design Guidelines helps make the passkey experience simple and secure. Most organizations create multiple iterations of the proof of concept.
Build and test
The next step is to build a launch plan and begin testing the implementation. The following resources can help you accomplish the build and test process.
- Use the design patterns listed in Research and screen ideas.
- Refer to Customer Communications for more information on creating user-facing support materials for passkeys.
- Use FIDO's Figma UI Kits to understand the ecosystem of operating system and browser interfaces used in passkey experiences. There is another FIDO Alliance UI kit which includes all the sample website user interfaces for passkeys found in the Design Guidelines.
- As you work through the build and test phase, you will discover technology inconsistencies between browsers, operating systems, and credential managers. You will encounter barriers to some passkey use cases and discover unhappy paths in the user journey. To understand these challenges in advance, reference Troubleshooting before, during, and after this phase. The Troubleshooting section contains learnings and guidance from FIDO Alliance member companies from their implementation of support for passkeys and will save you time during your own implementation.
Release and optimize
This roll-out strategy is designed to allow end users to rapidly adopt passkeys and requires a medium level of effort to implement. The end user experience needed for the rapid roll-out strategy requires that your service proactively educate and entice end users to create a passkey. Additionally, the workflows for end users to create new accounts should be adjusted so that new accounts use passkeys, not passwords. This increases the rate of passkey adoption.
After release, optimize your deployment by implementing the following passkey design patterns.
This list is continued from Research and screen ideas.
- Create Passkey After Account Recovery Due To Forgotten Password
- Use Passkeys Created on Websites to Sign In to Apps (and Apps to Websites)
- Passkey Management UI: Best Practices for Combining All Passkey Types
- Remove Passkeys from Service Provider Account Settings
- Cross-Device Sign-In
Continue to monitor metrics around passkey enrollment, passkey sign-in, and related data to help you determine the next steps to expand passkey usage and use cases. Use your Passkey Worksheet to track actual passkey data.