Passkeys have drawn attention in recent years as a technology seen as representing the future of passwordless authentication.

Passkeys are provided by FIDO (Fast IDentity Online), an organisation that uses biometrics such as fingerprints for user authentication. They use cryptographic techniques to allow users to log in on smartphones or PCs without passwords. Users can log in by scanning their face or fingerprint, or by simply pressing a button.

More technically, instead of entering a password, web and mobile services that support the WebAuthn standard automatically authenticate users by linking to tokens stored on their devices.

Against this backdrop, Paradigm general partner Giorgios Constantinopoulos (게오르기오스 콘스탄토풀로스), who led development of the Tempo blockchain with Stripe, has stressed the fit between crypto wallets and passkeys.

In a post shared recently on X, formerly Twitter, he said, "Passkeys can also be used as web-based self-custodial crypto wallets without intermediaries. They are compatible with YubiKey as well, enabling enterprise-level security."

He said many users experienced this directly through the launch of the Tempo mainnet and the Machine Payments Protocol (MPP). Fast and seamless onboarding is possible without Chrome extensions, mobile apps or seed phrases, which have long been cited as inconvenient elements in the crypto industry.

He said misconceptions around passkeys persist and summarised them in four points.

First is the misconception that passkeys are not supported on browsers and smartphones. He said, "95 percent of smartphones and 97 percent of browsers support passkeys. They can be used on iOS 16 or later (iPhone 8 or later), and on Android 9 or later with Google Play services. Major browsers update automatically, so desktop environments are effectively fully supported as well."

Second is the misconception that passkey wallets cannot be reused across apps. He said, "Tempo demonstrated passkey use across apps, devices and chains last year through Porto."

Third is the misconception that passkey wallets cannot be exported. He said, "Passkeys are synchronised by default through iCloud Keychain, Google Password Manager, 1Password and others. Tempo also introduced the concept of an 'account keychain'. In addition to a root key, it adds a secondary access key so other devices such as Ledger and YubiKey can also be connected with two-factor authentication. Even if a website shuts down, the passkey credential itself remains on a device or in a password manager. The account exists on-chain, and the key is only a means of authentication," he stressed.

Fourth is the misconception that using passkeys triggers an "log in to example.com" window for every transaction. He explained, "The access key solves this problem. Once you approve the access key with a passkey, subsequent transactions are signed by the access key. Passkey authentication windows or login modals do not pop up repeatedly."

There are also limits. Passkeys do not work in webviews (WkWebView) inside mobile apps. If a user loses a device without being logged into iCloud or 1Password, and without adding an access key, recovery is difficult. It is a similar problem to losing a self-custody wallet operated without seed phrases. A founder said, "Most technical issues related to passkeys stem from getting the initial setup wrong," and stressed that setting the right defaults is key. The founder underscored that it is not a problem with passkey technology itself but with how it is implemented.

He said most technical issues related to passkeys lie not in passkey technology itself but in how it is implemented. He said, "The problem stems from getting the initial setup wrong," and stressed that "setting the right defaults is key."