Hey Friends,
Episode 6 of The Secure Element is live, and this month, we’re diving into Passkeys.
I sat down with Harsh Lal, Senior Software Engineer for Android Authentication at Google, and co-chair for the FIDO Alliance Financial Group, to explore what this next evolution of authentication means for both personal and enterprise security.
We dive into:
- The password problem: Why complexity rules and password reuse create “keys to the kingdom” for attackers.
- Hardware-backed security: How passkeys live in your device’s Secure Element, making them virtually impossible to fish or extract.
- Enterprise readiness: Integrating passkeys with SSO providers and how to manage them.
- Hybrid flows: Using your phone to securely unlock apps on your work laptop via encrypted proximity tunnels.
Listen to the episode here:
Deep Dive
To learn more check out Harsh’s blog series which tracks the evolution of FIDO experiences on Android, and explores how passkeys work across devices via Hybrid transport to make passwordless authentication available everywhere.
Drop your questions in the comments - we’d love to hear how your organisation is approaching a passwordless future!
Stay secure,
Burr
Missed an episode? Catch up here:
- Episode 1: EMM Controls
- Episode 2: Cyber Resilience on Edge Devices
- Episode 3: Federal Government Device Certification
- Episode 4: Device Trust from Android Enterprise
- Episode 5: End of year recap and what’s to come
