The FIDO Alliance, a consortium dedicated to the creation of open authentication standards, has just published new specifications for passeskeys. Developed with the help of Apple and other industry heavyweights, they aim to allow users to easily transfer their identification keys between different providers, while ensuring their security. A major advance for this technology intended to replace traditional passwords and which is already supported by more than 12 billion online accounts.
A common protocol to exchange passeskeys securely
Introduced two years ago, notably on iOS 17, passkeys replace passwords with more secure authentication using a security key or biometrics. But until now, there was no standard and secure way to transfer them between managers.
This is the challenge of the new FIDO Alliance specifications, called Credential Exchange Protocol (CXP) and Credential Exchange Format (CXF). They define a standard format for encrypted transfer not only of passkeys, but also of other types of identifiers. Concretely, this means that a user will soon be able to export a passkey saved in Apple’s Passwords application to another manager like 1Password, Dashlane or BitWarden. The reverse will also be possible, all in a transparent and secure manner.
Deployment planned for 2025 after finalization
If Apple has not yet communicated on the subject, the Cupertino company actively participated in the development of these specifications alongside other giants like Google, Microsoft or Samsung. All are members of the FIDO Alliance and are committed to supporting these new import/export formats.
The objective is to encourage the mass adoption of passeskeys by giving more choice and control to users. With already more than 12 billion compatible accounts, this technology promises to make the web safer and more convenient.
The published specifications are still in draft form and need to be reviewed by the industry. Their finalization and implementation by suppliers are not expected before next year. But there is no doubt that Apple will be among the first to offer this functionality on iOS and macOS. The Apple firm, which already synchronizes passkeys between Apple devices via iCloud, is at the forefront on the subject. In the meantime, iPhone and iPad users can already take advantage of passkeys to connect more simply and securely to their favorite apps and sites like X or WhatsApp.
