Skip to main content

Scope of Work for Initial Launch to Rapidly Adopt Passkeys

This page covers the scope of initial launch to Rapidly Adopt Passkeys. Use this page to help determine the scope of your initial launch.

You can compare the scope of work needed for initial launch for each strategy by referring to Compare the FIDO Passkey Roll-Out Strategies.

info

The initial launch is the moment in time when a service provider first makes passkeys available to customers.

Team

For each passkey roll-out strategy there is a core team and an extended team of additional stakeholders. The core team focuses much of their work on passkeys for a certain number of months or sprints and typically consists of the following individuals:

  • Content strategist (1 person)
  • Customer success and support leader (1 person)
  • Engineers (2 people)
  • Marketing leader (1 person)
  • People from a solutions provider (2+ people)
  • Product manager (1 person)
  • Senior program manager (1 person)
  • User experience designer or researcher (1 person)
  • Usability researcher (1 person)

Consider consulting an extended team of additional stakeholders at major milestones in the project but they do not focus on passkeys day to day. Additional stakeholders might include:

  • Chief Technology Officer (CTO) — Chief Product Officer (CPO) — Chief Marketing Officer (CMO)
  • Chief Information Security Officer (CISO)
  • Data analyst
  • IT architect — Solutions architect
  • Security analyst
  • Third-party research analyst
  • An individual from your legal team
  • The leader of your risk or fraud team

Supported use cases

If your organization uses multiple domains, this roll-out strategy accounts for supporting passkeys on most or all of the domains for initial launch.

Supported passkey types

Both strategies support both synced and device-bound passkeys.

Supported use cases

Start with the authentication use cases that are the most important for your organization. For many organizations this includes:

  • Native mobile apps for iOS and Android
  • Mobile-web
  • Desktop-web

Supported operating systems

With strategy to adopt passkeys rapidly, many organizations to support multiple operating systems for the initial launch of passkeys.

Supported regions and languages

With strategy to adopt passkeys rapidly, organizations typically to support passkeys in multiple regions and potentially multiple languages.

Password strategy

With the strategy to adopt passkeys rapidly there are no significant changes to password use upon initial launch. For example, if an existing customer creates a passkey, they still have the option to use their password to sign in.

note

In June of 2024 Apple announced Automatic passkey upgrades.

When a user signs in on iOS18+, and already has a username and password available for autofill to the online service’s app or web page, a passkey is automatically created and given to the app or web page so they can silently register the passkey for the user without bothering them with an explicit passkey registration flow.

On subsequent sign-ins the user can be offered the more convenient passkey autofill rather than the password autofill they had set up. This is an important feature to leverage since users often ignore promotions that offer passkey registration flows, since they are busy with other tasks. This optimization of password upgrade removes that registration burden from the user.