Amazon, the e-commerce behemoth, has recently and silently
joined the passkey bandwagon. Recognizing the increasing consumer demand for better
security and, in particular, user convenience, Amazon is rolling out passkeys widely across
most devices and browsers. This underlines Amazon's commitment to bend to consumer demand.
The move follows the trend among tech giants, with Apple, Google, and others like
TikTok, OnlyFans and
Uber leading the passkeys wave, while Amazon joins the party rather
late.
Screenshot 1: Amazon Passkey Sign in
Relying Party ID fragmentation forces Amazon users to register separate passkeys per
regional domain (e.g., amazon.com vs. amazon.de), creating a disjointed experience for
international shoppers on the same device.
Conditional UI (Passkey Autofill) is absent from Amazon's implementation, a feature
competitors have already adopted, reducing sign-in seamlessness for returning users.
Native app support is missing: Amazon's shopping app and Prime Video both lack
passkey functionality, causing confusion when a passkey created via the web cannot be
used in mobile apps.
Redundant OTP prompts remain for users with 2-step verification enabled, despite
passkeys being two-factor authentication by default, adding an unnecessary friction
step.
Amazon's passkey rollout across most devices and browsers mirrors moves by Apple,
Google, TikTok and Uber, signaling broader e-commerce industry adoption momentum.
Enhanced Security: Passkeys make users' lives safer, mitigating
phishing threats and eliminating the hassle of coming up with and
remembering passwords.
Consumer Education: Given Amazon's vast user base, this rollout is set to
familiarize a large segment of non-tech-savvy users with the benefits of passkeys. The
ease of use might convince these users to demand passkeys from other online platforms as
well.
Industry Implications: The ripple effect of Amazon's move can potentially catalyze a
widespread shift in the e-commerce and SaaS industry towards
quick passkey adoption.
Screenshot 2: Amazon Passkey Overview & FAQ
Relying Party ID Issues: Depending on the country a user has set, they may be
redirected to different Amazon domains, requiring a separate passkey for each country /
top-level domain. This follows from the security structure of passkeys, as each passkey
needs to be registered for one Relying Party ID (e.g.
amazon.com or amazon.de). In screenshot 3, you can see that two passkeys were set up
for one device (Windows 11 with Chrome).
Conditional UI Is Missing: By not implementing
Conditional UI (Passkey Autofill), Amazon missed out on a
critical feature that could have made passkey use even more seamless for users. The
reasons behind this are still unclear, as other companies have already implemented
Conditional UI.
Inferior Device Management: Current device detection and management for passkeys is
clunky, possibly leading to user confusion, especially for those using browsers like
Chrome on Mac, where a
QR code was shown instead of explaining that a
passkey is not available or just skipping passkeys (QR codes still being a major
struggle for most consumers).
No Native App Support: Surprisingly, neither Amazon's native shopping app nor the
Prime Video app supports passkeys (see screenshot 4 and 5 below with the message that
no passkey could be created), which could lead to user confusion if a passkey was created
on this device via the web application.
Redundant Verification Steps: If a user has set up 2-step verification, they still
need to go through an additional one-time code verification, which is an
unnecessary step, as
passkeys are 2FA by default.
Screenshot 3: Two Passkeys for Two Relying Party IDs on the Same Device (Windows 11 + Chrome 118)
Screenshot 4: Amazon Passkeys on Native Android App
Amazon has room for improvement. Prioritizing updates like making native apps
passkey-ready, introducing Conditional UI, and refining device
management can considerably enhance the user experience. Addressing the
Relying Party ID issue would also be a step in the right
direction, but here best practices in the industry for multi-national services still need
to be defined.
In conclusion, while Amazon's venture into passkey authentication is a significant
milestone, it's evident that the journey to perfecting this feature is just beginning.
Let's hope that Amazon takes the feedback on board and iterates toward a better passkey
implementation soon.
Amazon redirects users to regional domains (such as amazon.com or amazon.de) based on
their country setting, and each passkey is cryptographically bound to a specific Relying
Party ID. Because amazon.com and amazon.de are distinct Relying Party IDs, a separate
passkey must be registered for each, meaning a single device can end up storing multiple
Amazon passkeys.
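The Relying Party ID scoping behind this, as an added example that is not Amazon's or this article's own code: a simplified version of the check a WebAuthn client applies, where the RP ID must equal the page's host or be a registrable domain suffix of it. The function names, the sample passkeys and the three-entry suffix set are assumptions made for illustration; browsers consult the full Public Suffix List.

```javascript
// Constructed, minimal public-suffix set (assumption for this sketch).
const PUBLIC_SUFFIXES = new Set(["com", "de", "co.uk"]);

// True when rpId equals host or is a registrable domain suffix of it.
// A bare public suffix such as "de" is never a valid RP ID.
function isValidRpIdForHost(host, rpId) {
  const h = host.toLowerCase();
  const r = rpId.toLowerCase();
  if (PUBLIC_SUFFIXES.has(r)) return false;
  // Require a label boundary so "notamazon.de" does not match "amazon.de".
  return h === r || h.endsWith("." + r);
}

// Decide whether a page at `origin` may use a passkey registered for
// `credentialRpId`. This sketch only accepts https origins.
function passkeyUsableOn(origin, credentialRpId) {
  const url = new URL(origin);
  if (url.protocol !== "https:") return false;
  return isValidRpIdForHost(url.hostname, credentialRpId);
}

// Filter a device's stored passkeys down to those a sign-in page can use.
function usablePasskeys(origin, storedPasskeys) {
  return storedPasskeys.filter((p) => passkeyUsableOn(origin, p.rpId));
}

// Constructed sample: two passkeys on one device, one per regional domain.
const stored = [
  { label: "passkey A", rpId: "amazon.com" },
  { label: "passkey B", rpId: "amazon.de" },
];

for (const origin of ["https://www.amazon.com", "https://www.amazon.de"]) {
  const labels = usablePasskeys(origin, stored).map((p) => p.label);
  console.log(origin, "->", labels.join(", "));
}
```

Neither regional origin can name the other domain as its RP ID, so the two credential sets never overlap and the device ends up holding one passkey per domain.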
Conditional UI, also called Passkey Autofill, surfaces available passkeys directly in the
username field so users can authenticate without navigating extra menus. Amazon has not
implemented this feature despite other companies already doing so, making its passkey
experience less intuitive than the current industry standard.
No. As of this analysis, neither Amazon's native shopping app nor Prime Video supports
passkey authentication. Users who create a passkey through Amazon's web application may
encounter an error or unexpected behaviour when trying to sign in through the mobile apps.
Amazon still triggers an OTP prompt for accounts that have 2-step verification enabled,
even after a successful passkey authentication. This step is redundant because passkeys
inherently satisfy two-factor authentication requirements by combining device possession
with biometric or PIN verification.