Passkeys Android 15: Single-Tap & Autofill Fallback UI

Enterprise Passkey Whitepaper. Practical guidance, rollout patterns, and KPIs for passkey programs.

Key Facts

Single-tap authentication in Android 15 lets users log in via facial recognition, fingerprint or device screen lock without manually selecting a passkey, reducing login friction significantly.
The Autofill Fallback UI automatically suggests the correct passkey when a user focuses on a login field, integrated through the Credential Manager API with a 'More Options' fallback.
Passkey Restore saves authentication data locally or to the cloud, automatically logging users into native apps when switching to a new device without requiring individual logins.
Android 15 extends passkey support to Wear OS 5, including third-party managers like Dashlane. Apple Watch had received passkey support earlier, in 2022.
Biometric Input Optimization automatically detects and deletes faulty biometric inputs, then prompts users to re-enroll, preventing recurring authentication failures on device.

1. Introduction#

The passkey ecosystem is quickly evolving. In line with this trend, Android 15 introduces new passkey features that enhance security while making logins more seamless than ever. For developers, product managers, and businesses aiming to optimize UX, these changes represent an opportunity to integrate the latest security measures in a user-friendly way.

In this article, we will explore:

What new passkey-related functionalities are part of Android 15?
What is Google's strategy regarding passkeys?

Let’s start by examining the new functionalities first.

2. What’s New for Passkeys in Android 15?#

With Android 15, Google has worked further to improve its passkey functionality. These enhancements make it easier for developers to implement passkey-based authentication while providing users with a frictionless, secure login experience.

2.1 Single-Tap Passkey Authentication#

One of the standout features of Android 15 is the introduction of single-tap passkey authentication (could be even augmented by a relying party’s pre-filled passkey re-login button). Now, users can log in to apps and services with a single biometric scan – either through facial recognition, fingerprint, or device screen lock – without having to choose a passkey manually. Once a passkey has been created for a website / app, it will automatically appear as a suggestion in autofill menus during the login process.

Subscribe to our Passkeys Substack for the latest news.

For developers, this feature is accessible via the `androidx.credentials` Jetpack library, making integration straightforward. Users can simply select a passkey and authenticate in one fluid motion, which significantly reduces login friction and enhances the overall user experience.

2.2 Autofill Fallback UI and Credential Manager API#

Android 15 integrates even deeper with Credential Manager, allowing for smoother handling of login credentials. Through the API, developers can associate credential requests with specific views (like username or password fields) within their apps. This enables Android to automatically display passkeys in autofill fallback UIs when a user focuses on a login field.

No more clicking through unnecessary steps – Google will now automatically suggest the correct passkey and initiate biometric authentication. If the wrong passkey is selected, users can opt for “More Options” to switch credentials, ensuring flexibility and a smoother user experience.

2.3 Passkey Restore on New Devices#

For users who frequently switch devices, Android 15 introduces a Passkey Restore feature. This allows users to seamlessly transfer their authentication data to a new phone or tablet. The restore key, saved via the Credential Manager, is stored locally but can also be backed up to the cloud. Once enabled, this feature removes the hassle of logging into apps individually when switching to a new device, enhancing both security and convenience.

The difference to synced passkeys (e.g. in Google Password Manager) is that you are automatically logged in to native apps on a new device. This even saves the step of passkey logins on new devices, thereby further streamlining the UX.

For developers, this means fewer support tickets from users who forget their credentials during a device transition, further boosting customer satisfaction.

2.4 Passkey Support for Wear OS#

Wearables are becoming a key part of the authentication ecosystem, and with Android 15, Google is extending passkey support to Wear OS 5 (after Apple rolled out support for passkeys to Apple Watch in 2022 already). Users can now authenticate on their wearables using passkeys, traditional passwords, or Google sign-in. This added versatility is crucial for developers building apps for wearables, as it opens up new opportunities for seamless authentication across devices. Notably, third-party password managers like Dashlane are also supported, further expanding the usability of passkeys across platforms.

2.5 Biometric Input Optimization#

Android 15 introduces another quality-of-life improvement for users – automatic deletion of failing biometric inputs. If a user’s biometric data isn’t performing well (e.g., a fingerprint not registering correctly), Android 15 will automatically delete the faulty input and prompt the user to re-enroll. This prevents potential login failures and ensures that users have a smooth experience when using biometric authentication.

3. Google’s Long-Term Passkey Strategy#

Google’s passkey strategy is clearly focused on reducing friction in user authentication while maintaining the highest levels of security. Their goal is to create a secure ecosystem where users can seamlessly move between devices and services, without needing to remember a password again.

One significant shift in Google’s approach is the focus on using cloud accounts to manage passkeys. This ensures that authentication data is stored securely and can be synchronized across devices. Users don’t have to remember or manage multiple passwords; instead, their cloud account maintains an “everlasting” connection to the services they use. This means that as long as users maintain their account, they remain connected to the services they rely on (see also this article to win customers forever via cloud accounts / keychain).

Google’s integration of passkeys across multiple platforms, including macOS and Windows, shows their commitment to cross-platform compatibility. This move ensures that passkeys are not limited to Android users, but can be used across all major desktop operating systems, creating a truly universal authentication method.

4. Conclusion#

With Android 15, Google is making passkeys more accessible, secure, and convenient for users and developers alike. From single-tap authentication to Wear OS integration, the improvements reflect Google's commitment to creating a passwordless future.

For developers and product managers, the time to implement passkeys is now. The tools are in place, the API is accessible, and Android 15’s new features make it easier than ever to integrate passkeys into your app.

About Corbado

Corbado is the Passkey Intelligence Platform for CIAM teams running consumer authentication at scale. We help you see what IDP logs and generic analytics tools can't: which devices, OS versions, browsers and credential managers support passkeys, why enrollments don't turn into logins, where the WebAuthn flow fails and when an OS / browser update silently breaks login, all without replacing Okta, Auth0, Ping, Cognito or your in-house IDP. Two products: Corbado Observe layers observability for passkeys and any other login method. Corbado Connect adds managed passkeys with analytics built in (alongside your IDP). VicRoads runs passkeys for 5M+ users with Corbado (+80% passkey activation). Talk to a Passkey Expert →

Frequently Asked Questions#

How do I implement single-tap passkey authentication in my Android app?#

Single-tap passkey authentication in Android 15 is accessible via the androidx.credentials Jetpack library. Once a passkey is created for an app or website, it automatically appears as an autofill suggestion, and users authenticate in one motion without manually selecting a credential.

What is the difference between Passkey Restore and synced passkeys like Google Password Manager in Android 15?#

Synced passkeys still require users to complete a passkey login step on a new device. Passkey Restore goes further by automatically logging users into native apps on a new device entirely, eliminating that step. The restore key is stored locally but can also be backed up to the cloud.

How does the Android 15 Autofill Fallback UI work for passkey authentication in practice?#

Through the Credential Manager API, developers associate credential requests with specific views such as username or password fields. When a user focuses on those fields, Android automatically displays the correct passkey suggestion and initiates biometric authentication, with a 'More Options' path available if the wrong credential is pre-selected.

Can users authenticate with passkeys on Wear OS devices after the Android 15 update?#

Yes, Android 15 introduces passkey support for Wear OS 5, allowing users to authenticate on wearables using passkeys, traditional passwords or Google sign-in. Third-party password managers like Dashlane are also supported, expanding cross-device usability.