FIDO Alliance’s newest specifications for passkeys enable better user choice and flexibility in credential managers

The driving force behind passkeys, the FIDO Alliance, is working to make passkeys even easier to adopt by publishing new working drafts of specifications for secure credential exchange, a format for transferring different types of credentials in a credential manager.  

Passkeys have significant momentum at this moment of time, with over 12 billion online accounts today being accessed via passkey. The group wants to build on that momentum by promoting user choice and further removing technical barriers to adoption.

According to the FIDO Alliance, up until now, there hasn’t been a standard for moving credentials in a secure way, and the new specifications — Credential Exchange Protocol (CXP) and Credential Exchange Format (CXF) — provide a standard format for “transferring credentials in a credential manager including passwords, passkeys and more to another provider in a manner that ensures transfer are not made in the clear and are secure by default.”

These specifications were developed by the organization’s Credential Provider Special Interest Group, which includes representatives from 1Password, Apple, Bitwarden, Dashlane, Enpass, Google, Microsoft, NordPass, Okta, Samsung, and SK Telecom.

Once CXP and CXF have been standardized, credential providers will be able to implement them and provide users a better experience when changing credential management platforms. 

The FIDO Alliance explained that as these specifications are still in draft form, they are not intended to be implemented yet since they might change. In the meantime, the organization encourages the community to review and provide feedback on them. 

Passkey Central launches as a new resource for learning about passkeys

Additionally, the FIDO Alliance has launched Passkey Central, where people can learn about why and how to implement passkeys. 

It includes resources like an introduction to passkeys, business considerations, internal and external communication materials, implementation strategies and roll-out guides, UX and design guidelines, troubleshooting, and a glossary, figma kits, and accessibility guidance. 

“Passkeys are the simplest and most secure way for consumers to access the global connected economy,” said Andrew Shikiar, CEO of FIDO Alliance. “The early adoption of passkeys has been remarkable and it is now time to help more service providers break their dependence on passwords. Passkey Central will accelerate the use of passkeys by providing product leads and architects with independent and authoritative guidance on why and how to implement passkeys for their own website and services.”