Amazon, the biggest e-commerce website in most countries, now supports passkeys. That gives users access to the new login solution that's considered more secure than passwords, allowing them to access their account using the biometrics or PIN they use to unlock their devices. The company started rolling out the capability a few days ago but has only just announced the feature, which is now available on browsers and is gradually making its way to all users accessing Amazon through its iOS app. Passkey support is also "coming soon" to Amazon's Android application.
Passkeys are resistant to phishing, the effects of data leaks or social engineering, because there are no passwords to steal or give away. Instead, the technology uses cryptographic pairs, one of which is a public key saved on a particular service's servers, while the other one remains private and is securely saved to a user's device. These pairs are unique for every service, and they must match for someone to be able to log in. It's also a lot less involved than two-factor authentication, though for some reason, Amazon will not automatically switch it off for those who turn on passkey support.
In its FAQs, Amazon says that those who have two-factor switched on will still need to verify their identities with a one-time code even after they activate the new login option. It's unclear if users will no longer have to key in two-factor codes after their initial login with a passkey, but upon trying it out, we weren't asked for one the next time we signed in. To switch on passkey login, users only need to go to Login & Security under Your Account on Amazon and then choose "Set up" next to the new Passkeys option.