Mastering user transition to passkeys: Expert strategies for a seamless user transition management
When implementing passkeys, companies are faced with the important question of how to ensure that users leave the familiar authentication methods behind and actually use passkeys. As this is one of the most challenging yet rewarding tasks, we highlighted in this article how to create a smooth user transition to passkeys and what exactly needs to be done.
The desire for a more streamlined authentication process is leading to an increasing demand for passwordless options among customers. A study by Mastercard found that a significant 93% of customers favour the use of biometric logins over traditional passwords. The latest technology that relies on biometric logins is passkeys. The use of biometrics to unlock your phone has quickly established itself and has become standard for the majority of users. Passkeys now bring this already familiar experience to the web for unlocking accounts. The adoption of passkeys is pushed by Apple, Google, and Microsoft. For the first time ever, the leading tech giants have joined forces to spearhead the integration of passkeys into their platforms which is huge evidence for the trend behind ditching passwords.
Our recommendations to overcome the biggest challenges when migrating users to passkeys
Based on Fast Identity Online (FIDO)/WebAuthn standards, passkeys are the leading alternative for passwords that provide quicker, simpler, and more secure sign-ins to online services. This technology is open and available for free, theoretically allowing any company to implement and deploy passkeys overnight. However, as passkeys represent a new way of accessing accounts, encouraging users to switch from password to passkey-based authentication is one of the toughest tasks.
From the extensive feedback we've received, we've gathered the top three transition challenges that companies implementing passkeys themselves face and how to overcome them:
1. Educate customers on the benefits of passkeys
To successfully transition customers from traditional password-based authentication to passkeys, it is crucial for companies to educate their customers on the benefits of this passwordless authentication.
A significant part of the education lies in explaining what passkeys are and eliminating user concerns that this new login ceremony may be more insecure and more difficult than the familiar password method. This is mainly due to the fact that most users are usually not concerned with authentication and have therefore never heard before the term, how it works and what the advantages of passkeys are. When this new login option is suddenly introduced, they are initially not only confused and overwhelmed, but also not attracted to using it. To address this, we recommend leveraging the familiar and convenient concept of biometric authentication. Instead of mentioning the term “passkeys” everywhere, establish Touch ID, Face ID and Windows Hello. As they are widely used and recognized, your users won’t think much about it, making this platform-specific wording an ideal substitute.
Consequently, it becomes clear that the key to managing the user transition in terms of education flawlessly lies in user communication. However, since there are no industry standards for the right terminology, it is handled differently by each company, resulting in a variety of different user messages. Therefore, we recommend allowing enough time to study existing best practices in order to create messages that are tailored to your users and explain what's going to happen in an understandable manner. In addition, you should consider that some users first want to better understand what passkeys are all about. This requires extensive documentation that contains all the details but must still be easy to understand.
For a smooth user switch to passkeys, you also must decide between opting in or opting out when using passkeys. The question underlying this decision is how companies that integrate passkeys themselves want to promote them. When offering passkeys by default (opt-out), keep in mind that users may not understand what’s going on. When reminding customers that they can go passwordless at any time (opt-in) by using prompts such as
“Still using passwords? Logging in with fingerprint or Face ID will save you time and keep your account more secure.”
it may cause them to be hesitant and ignore the message. From our experience however, it has been become clear that users are more likely to confirm the prompt because they are familiar with Face ID etc., which is why we suggest opt-in in the beginning.
2. Motivate adoption with UX changes
To ensure a smooth transition from passwords to passkeys, it is important for companies to create a user-friendly experience that motivates users to switch. This can be achieved through various UX adaptations, which will help users understand the benefits of passkeys and make the switch with confidence.
This is particularly relevant for all companies that already have existing authentication processes in place and therefore need to continue offering password login in addition to passkeys. The most obvious solution is to simply add another button to the login screen for registration or login with passkeys. But then, the new button will only be one among many other authentication methods such as single sign-on (SSO) or social logins. In practice, this has been termed the NASCAR problem by Indiewebcamp.
To prevent that the option to login with passkeys is overlooked, one important step is not only to provide a prominent and user-friendly placement of the passkey button on the login screen but also reduce the number of login options in general. Those changes made in the user interface should cater to both users who are new to biometric authentication and those who are already familiar with it. It is also important to remember that some users may still prefer passwords, and companies should not overlook or bypass them in the redesign of the login screen. To prevent new users from registering with passwords, companies should ensure that passkeys are the default and preferred method of authentication. By taking these actions, companies can create a more user-friendly and secure authentication experience that promotes passkey adoption while still accommodating users who prefer other authentication methods.
In this regard, UX changes rely heavily on passkey promotion. In order to promote passkeys effectively, it’s essential to consider the device and user preference management. This includes to ensure the detection and storage of the users’ preferred authentication method. This eliminates the need for users to remember which authentication method they used on each website, making the process more straightforward. Additionally, it’s important to ensure that platforms and devices can detect passkey-readiness of platforms and devices, so that from a UX point of view the user doesn’t have to deal with whether passkeys can be used or not. In situations where passkeys are not available or not preferred, the user should be guided to alternatives easily and quickly. By minimizing the number of decisions that users have to make throughout the login process, we can reduce errors and make the process less overwhelming. In case errors do occur, fallback options must be in place, such as existing password flows or other passwordless alternatives, so that users can still access their account at any time.
3. Provide support to smooth transition
To maintain users' satisfaction in passkeys, it is crucial to provide continuous support throughout the transition process. Users expect to be reassured and have readily available support to address any concerns they may have. By making support visible and easily accessible, you can meet these expectations and help users make a smooth transition to passkeys.
One way to support users during the transition is to ensure seamless cross-platform usage. By designing passkeys to work seamlessly across different platforms (e.g., web, native apps) and operating systems (e.g., Windows, macOS, iOS, Android, Linux), users can easily login without worrying about compatibility issues. Another way to support smooth user transition is to leverage the autofill functions passkeys provide. This feature is called Conditional UI. It automatically prefills passkeys as soon as the user clicks on the username input field. This means that users no longer must search for their credentials manually (not even usernames!), as they are already stored in the device / browser and automatically pre-filled just as if you were using credential managers like 1Password.
To provide the most customer-oriented support possible, it's essential to design user-friendly support buttons or dialogues and implement reassuring prompts, splash screens, or pop-ups throughout the customer identity journey. Additionally, having a knowledgeable support team prepared to handle any potential issues can go a long way in ensuring users feel supported and satisfied with the passkey authentication process. By implementing these solutions, you will create a seamless and user-friendly passkey experience.
Creating a seamless user transition to passkeys is critical for both user experience and security. Although this requires significant operational, conceptual, and technical efforts, it is worth it as passkeys will shape the future of authentication and you can now prepare yourself for the day when your customers will demand them.
At Corbado, we are dedicated to creating the smoothest and easiest user transition in the passkey era possible. With our passkeys-as-a-service offering, we take care of all the challenges that arise when integrating passkeys. Try it for free at app.corbado.com.
Enjoyed this read?
Stay up to date with the latest news, strategies and insights about passkeys sent straight to your inbox!