Understanding Passkeys and Their Importance
Passkeys are an emerging authentication method designed to be more secure than traditional passwords. Unlike passwords, passkeys use encrypted credentials stored on a digital or hardware device, making them resistant to phishing attacks. Supported by major tech companies like Microsoft, Apple, and Google, passkeys aim to replace weaker multi-factor authentication (MFA) methods, which are often targeted by cyber attackers.
Passkey Adoption in APAC
In the Asia-Pacific (APAC) region, passkey adoption is growing. Countries such as Japan, India, and the Philippines see increased use, driven by global outsourcing and the desire for enhanced security. For example, companies like Australia's Atlassian are moving towards passkeys for better security compared to older authentication methods.
Australia’s Slow Adoption of Passkeys
Despite the APAC trend, Australia lags in adopting passkeys. In sectors like banking, the One Time Passcode (OTP) remains prevalent. Although OTPs are more secure than passwords alone, they can still be susceptible to phishing. The digital bank Ubank is a notable exception, having implemented passkeys to prevent financial scams.
Barriers to Adoption
Several factors contribute to the slow uptake of passkeys in Australia:
- Perceived Complexity: Many perceive passkeys and devices like YubiKeys as complicated compared to traditional methods.
- Organizational Resistance: There is often resistance to change within organizations, which can hinder the adoption of new technologies.
- User Education: A lack of awareness and understanding of the benefits of passkeys can slow down their implementation.
- Integration with Existing Systems: Incorporating passkeys into current systems is sometimes seen as a technical challenge.
- Customer Experience Concerns: Banks and other institutions are cautious about changing authentication methods, worrying about customer comfort with traditional processes.
Strategies for Successful Passkey Implementation
According to Geoff Schomburgk of Yubico, to successfully implement passkeys, organizations should:
- Overcome Perceived Barriers: Recognize that the actual challenges may not be as daunting as they seem.
- Highlight Benefits: Focus on the security and convenience advantages of using passkeys over older methods.
- Educate Stakeholders: Invest in educating both IT personnel and end-users to create awareness about the benefits of passkeys.
- Start Small: Implement passkeys in stages to build familiarity and momentum for broader adoption.
The Role of Big Tech and Government
Big tech companies are facilitating broader passkey usage. For example, in 2024, Microsoft enabled passkey access on platforms like Microsoft 365 and Xbox.com, while brands including Adobe, Amazon, and Google also support passkeys. Government initiatives, like Australia’s Cyber Security Strategy, aim to enhance security maturity, although challenges remain.
In summary, while passkey technology is gaining traction in APAC, Australia faces unique challenges that slow its adoption. By addressing perceived complexities and focusing on education and awareness, Australia can move towards more robust security solutions.
(Source: FIDO Alliance, Cyber Security Strategy 2023-2030, Yubico)
