PayPal is getting more secure passkey logins

PayPal announced today that passkeys are being added as a new, password-less login method to secure PayPal accounts for iPhone, iPad, and Mac users on PayPal.com, with plans to expand passkeys to other platforms as they add support. PayPal passkeys are rolling out to US customers today and will be available to “additional countries” in early 2023.

Passkeys are a new type of login credential that uses cryptographic key pairs to do away with passwords altogether. That way, they’re resistant to phishing attempts and are designed to avoid sharing passkey data between platforms, addressing the weakness of current password-based authentication.

Apple, Google, and Microsoft have all pledged to bring the FIDO Alliance standard to their respective OSes. The newly-released updates for Apple devices are ready to go, while earlier this month, Google started testing support in Android and Chrome so developers can see how it works, and Microsoft has said its accounts will work with passkey in the “near future.”

Reusing passwords across online accounts leaves users open to hacking and other vulnerabilities, but remembering individual login details is no easy task without a secure password manager. A study from Verizon shows that over 2.6 billion records were hacked in 2017, with 81 percent estimated to have been caused by password stealing and guessing.

Existing PayPal users will find an option to create a passkey after logging into their account via a desktop browser or mobile web on devices running iOS 16, iPadOS 16.1, or macOS Ventura. Users will be prompted to authenticate the setup with Apple Face ID or Touch ID. A passkey will then be automatically generated and synced across Apple devices with iCloud Keychain. The feature is currently only supported on desktop and mobile web, and PayPal has confirmed plans to extend support to the PayPal app in the coming months.