News about Google’s plans to integrate biometric passkeys into their password managers has sparked a mix of curiosity and concern. But a closer examination of the technology reveals a robust shield against cyberattacks, effectively safeguarding both your data and your biometric identifiers — yes, even from the tech giants themselves.
Passkeys, while buzzing in the tech world recently, aren’t a novel concept. Companies like OnePass, Google, Apple, Microsoft, and Amazon have been fortifying the digital fortresses of millions for several years, automating the creation, recall, and autofill of complex passwords.
Historically, these password managers depended on one master password. This single key, if weakly created — think “Firstnamelastname$” — could unravel the security of countless robust passwords. Enter biometrics: a solution impervious to online hacking, with the added perk of never having to remember your fingerprint or facial structure.
Now, internet behemoth Google has a plan to make compromised passwords a thing of the past.
The main concern, however, lingers around the storage and use of biometric data. Rest assured, this information remains confined to your device, unattainable even to the manufacturers.
The question that many still raise issues with, however, is what happens to the biometric information once you give your device access. Simple, it stays on your device, and it’s inaccessible even to the device makers.
Imagine your biometric data as a valuable painting locked in a bank vault. Apple’s “Secure Enclave” is like a vault — a fortress within a fortress that fits in your pocket. When you use facial recognition to unlock your iPhone or access passwords, it’s like giving the bank a code that only checks if you’re the rightful owner. This data, transformed into a mathematical model, is indecipherable and used solely to verify your identity — nothing more.
There’s Just One Problem that Passkeys Don’t Solve
The Achilles’ heel? Physical threats.
Passkeys are ultra-secure, but if someone physically acquires your device and employs advanced techniques to breach its defenses, then, and only then, is your data at risk. However, such James Bond-esque scenarios are rare compared to the omnipresent danger of cyberattacks.
The real battleground lies in the digital world, where cyber threats loom over every online interaction. Here, biometric passkeys stand as vigilant guardians, drastically reducing the risk of digital intrusion.
Conclusion
While no system is impervious to every threat, the shift toward biometric passkeys marks a significant stride in online security. It’s a marriage of convenience and safety — where your unique biological traits become the key to a more secure digital existence.
Of course, if that all sounds too 1984 for your taste, I respect the decision to avoid biometric passkeys. But as we navigate this ever-evolving digital landscape, embracing these advancements isn’t just about staying current; it’s about staying protected. Biometric passkeys and password managers are useful ways to do so.
Senior Policy Analyst
Caden is the Technology and Innovation Policy Analyst at Libertas Institute. He previously worked at the Center for Growth and Opportunity at Utah State University as well as TechFreedom while earning his JD from American University Washington College of Law.