Have you heard of passkeys? They’re a simple, fast, and secure way for shoppers to sign in and authenticate their identity without using two-factor authentication codes or passwords.
In this post, you’ll learn how this exciting technology works and how to enable passkey authentication on your Shopify site to speed up your checkout.
Passkeys and Shop Pay
Passkeys eliminate the need for passwords and two-factor authentication by letting customers verify their identity with biometrics, a PIN, or by drawing a pattern with their finger.
With Shop Pay, shipping and payment details including card number, expiration date, and billing address are automatically populated in checkout once a customer signs in with passkey authentication, thereby reducing friction and increasing security. For users choosing to use passkeys, the experience replaces the SMS code entry that Shop Pay is known for.
Passkeys and Shop sign-in features
Shop’s all-new sign-in features make it easier than ever for over 100 million Shop users to authenticate their identity when browsing your Shopify store, and these new features also support passkeys. Once users are authenticated, their billing and shipping information is automatically populated at checkout so they can complete purchases in one tap using Shop Pay.
Here are three new ways to authenticate shoppers and accelerate your Shopify store’s checkout with Shop Pay:
- Sign in with Shop: Simplify the sign-in process for your customers by allowing them to use their Shop account, resulting in quicker checkout and boosted conversion rates.
- Lead capture with Shop: Optimize lead capture by automatically identifying, signing in, and saving discounts for high-value shoppers. Merchants using this functionality saw an 8% increase in order conversion by Shop Pay users.
- Follow on Shop: Enable follow on Shop to sign in more users on your storefront and increase customer engagement in the Shop app, unlocking easier sign-in and accelerated checkout.
With Shop’s sign-in features, brands can increase the number of customers identified and signed in on their storefronts prior to checkout, leading to increased conversion.
Use Shop’s sign-in features to quickly authenticate customers and speed up checkout
Passkeys are the cutting edge of authentication technology. They eliminate the need for passwords and two-factor authentication for mobile purchases. By reducing friction, customers enjoy a seamless checkout that makes them likely to keep coming back for more.
Passkey authentication is coming to the Shop app via Shop Pay. Enable Shop Pay today to make it possible for shoppers to use passkeys on your storefront.
Use Passkeys to login to Shopify
In addition to enabling customers to use passkeys to sign into Shop and pay with Shop Pay, businesses on Shopify can also set up passkeys to sign into their Shopify accounts. Using passkeys removes the possibility of forgetting and needing to reset a password, or entering the wrong password and becoming locked out of your account.
Sign up for passkey authentication on Shopify today
Excited to streamline your buyer’s experience with passkey authentication? Enable Shop Pay today to make it possible for shoppers to quickly and securely authenticate their identity on your storefront and breeze through checkout in fewer clicks.
Passkey Authentication FAQ
How does passkey authentication work?
Passkey authentication verifies identity with a cryptographic key pair instead of a password sent over the internet. Your device generates and stores a private key inside secure hardware, such as a Trusted Platform Module (TPM) or secure enclave, while the corresponding public key goes to the server. During login, the server issues a cryptographic challenge, your device signs it with the private key, and the server verifies the signature using the public key. A fingerprint, face scan, or PIN confirms it's really you before the device signs that challenge.
Is passkey authentication safer than a password?
Passkey authentication is generally more secure than a password because there's no shared secret for attackers to steal, guess, or phish. Only the public key is stored by the site, and that alone is useless to an attacker, who can't derive the private key from the data stored on the server. A passkey is only presented to the site it was registered with, so there is no way for a user to inadvertently type it on an attacker's site.
What happens if I lose the device with my passkey?
You can usually recover access through an account password reset or a backup sign-in method, though this varies by platform. On Shopify, if you still have trouble accessing your passkey and it's your only secure sign-in method, you can reset your account password from the login page, which removes the passkey so you can log in and set up a new one from the Security tab. Storing a passkey with a synced credential manager reduces this risk since it becomes available on your other devices automatically.
Can I use the same passkey on multiple devices?
Yes, synced passkeys can be used across several of your devices once they're backed up through a credential manager. A synced passkey is encrypted and backed up through a credential manager, such as your OS keychain or a password manager, so synced passkeys have the advantage of being available on any of your devices where the password manager is available. Device-bound passkeys created on hardware security keys don't sync and stay tied to that single device instead.
Are passkeys the same as two-factor authentication?
Passkeys aren't identical to traditional two-factor authentication, but they achieve a similar security outcome in a single step. While MFA typically combines a password with a second factor like a one-time code or fingerprint scan, passkey authentication achieves MFA in a single step, since the underlying process combines the passkey itself with a biometric scan or device PIN. That means shoppers skip separate SMS codes entirely while still verifying two factors behind the scenes.
Which devices and browsers support passkeys?
Passkey support now spans most modern operating systems and browsers, including Windows, iOS, Android, ChromeOS, Safari, Chrome, and Edge, plus dedicated hardware security keys. Coverage generally starts around Windows 10 and newer, ChromeOS 109 and newer, iOS 16 and newer, Android 9 and newer, and hardware security keys that support the FIDO2 protocol, with Safari 16+, Chrome 109+, and Edge 109+ rounding out browser support. Checking your device and browser version helps confirm passkeys will work at checkout.












