PayPal introduces Passkey as a login option for Android users in the US

PayPal is extending access to passkey logins to Android users in the United States who use the Chrome browser to access the website. In October of last year, the payment processor initially provided passkey logins for Apple PCs and tablets running macOS Sierra and iPadOS16. At the time, Google had yet to offer official passkey compatibility for Android and Chrome, but PayPal vowed to expand the password replacement to more platforms and nations in the future.

Passkeys were added to stable Chrome by December of last year. PayPal is now fulfilling its promise, albeit with certain restrictions. The login option is not currently accessible for the payment processor’s Android app, and users may only enable it if they use Chrome on an Android 9 smartphone.

Users who utilise the new authentication system may access websites and services that support it without having to enter usernames and passwords. While it can employ biometric authentication to validate a user’s identity, it is not the same as current login technology that auto-fills login fields with facial or fingerprint recognition. The method generates a cryptographic key pair, one public and one private, which is linked to a user’s account. Apps and services that support passkeys use the public key to validate a user’s identity by comparing it to the private key stored on the user’s device.

To enable passkeys for PayPal on Android, eligible users must first log in using a Chrome browser. The option to “generate a passkey” will then appear, and they will be asked to validate their identity using their biometrics or the passcode on their phone. When they’ve finished configuring, they’ll discover that they no longer need to input anything in order to fast check out purchases using PayPal on Chrome. Passkeys are also more secure since they are resistant to phishing. Furthermore, because one of the key pairs is stored on the user’s device, people’s login information will not be compromised in the event of an app or service data breach.