How to Offer Passkey Demo Accounts in Google Play Store Verification?
Learn how to offer passkey demo accounts in Google Play Store verification, including workarounds for account creation challenges and using static OTPs.
How to Offer Passkey Demo Accounts in Google Play Store Verification?#
Offering passkey demo accounts in the Google Play Store verification process can be tricky due to current limitations in how passkeys are integrated. One key challenge is that passkeys don’t allow you to pre-create an account for testers, which can complicate the testing process. The Google Play Store review process is designed for accounts to be prepared in advance, allowing testers to bypass the registration flow. A common workaround is to use static OTPs (if your app is fully passwordless and uses OTPs) or to provide fallback passwords.
- Offering pre-created demo accounts with passkeys in Google Play is not straightforward due to the registration requirement.
- Passwordless: Static OTPs can serve as a useful workaround for testers during verification.
- Non-passwordless: Consider offering fallback passwords to simplify the account setup for testers.
Dealing with Passkeys in Google Play Store Verification#
Passkeys improve security and user experience, but they introduce a challenge when offering demo accounts for Google Play Store verifications. Here's why:
The Problem with Pre-Created Accounts#
- Passkeys eliminate the need for traditional passwords, making them a much more secure and user-friendly option.
- However, with the Google Play Store’s review process, testers expect to receive pre-created accounts to expedite the app testing phase.
- The main issue is that passkeys require a registration step, which can't be prepared. So, testers can’t simply log in without first going through the setup flow.
Workaround Solutions#
To navigate this limitation, there are a few options you can consider:
- Static OTPs: Offering static one-time passwords (OTPs) is a practical workaround. This allows the tester to bypass the registration flow without compromising the security benefits of passkeys in your final product.
- Fallback to Passwords: If you don't fully go passwordless and OTPs are not an option, you could provide a pre-created password for the demo account. Although this slightly undermines the passkey-first experience, it can smooth the testing process and still meet the security requirements of the Google Play Store.
- Explain the Registration Process: Another strategy is to communicate clearly with the testers about the registration step required for passkey accounts, making it a part of the testing flow itself. You can still allow testers to use passkeys, but set clear expectations about needing to register during the test. We expect that Google will update its policies soon and consider passkeys in a more developer- and tester-friendly way.
About Corbado
Corbado is the Passkey Intelligence Platform for CIAM teams running consumer authentication at scale. We help you see what IDP logs and generic analytics tools can't: which devices, OS versions, browsers and credential managers support passkeys, why enrollments don't turn into logins, where the WebAuthn flow fails and when an OS / browser update silently breaks login, all without replacing Okta, Auth0, Ping, Cognito or your in-house IDP. Two products: Corbado Observe layers observability for passkeys and any other login method. Corbado Connect adds managed passkeys with analytics built in (alongside your IDP). VicRoads runs passkeys for 5M+ users with Corbado (+80% passkey activation). Talk to a Passkey Expert →
Share this article
Table of Contents
Related FAQs
Related Articles
