PayPal Brings Passkey Logins to Android in the US

PayPal expands its passkey logins for Android users in the US, as long as they access the website via Chrome..

PayPal has recently expanded its passkey logins for Android users in the United States, as long as they access the website via the Chrome browser. The payment processor initially introduced passkey logins for macOS Ventura and iPadOS16 users in October of last year. While Google had yet to release stable passkey support for Android and Chrome at that time, PayPal promised to make the password alternative available to other platforms and countries.

By December 2022, passkeys will be rolled out to stable Chrome. Currently, PayPal is making good on its promise with some restrictions. The login option has yet to be available for the payment processor's Android app, and users can only activate it if they're using Chrome on a device running Android 9.

The new authentication technology enables users to access websites and services that support it without entering usernames and passwords. While it can use biometric authentication to verify a user's identity, it's pretty different from the current login tech that auto-populates login boxes using facial or fingerprint recognition. The technology creates a cryptographic key pair - one public and one private - that becomes associated with a user's account.

Apps and services that support passkeys use the public key to confirm a person's identity by matching it to the private key, which is kept in the user's device. Some password managers can now sync passkeys between devices, as well.

To activate passkeys for PayPal on Android, eligible users have to log in traditionally using a Chrome browser first. Then, the option to "create a passkey" will appear, and they will be prompted to verify their identity using their biometrics or their phone's passcode. After setting up, they'll no longer have to enter anything to quickly check out purchases with PayPal on Chrome.

Passkeys also provide stronger security since they're resistant to phishing. And, since one of the key pairs is kept on the user's device, people's login information won't be compromised in case of an app or service data breach.

Join our newsletter

Subscribe to our newsletter and never miss out on what's happening in the tech world. It's that simple.
subsc