secure-payment-confirmation icon indicating copy to clipboard operation
secure-payment-confirmation copied to clipboard

Published 20 hours ago verified publisher icon w3c

How will new passkey providers impact SPC

Open ve7jtb opened this issue 2 years ago • 2 comments

We now have password providers. like 1Password and Dashlane that intercept Webauthn on desktop not making credentials created in them available to SPC.

Over Hybrid there may be changes required to expose credentials.

On mobile there are now pluggable passkey providers in iOS and soon Android.
We should attempt to understand any UX implications of these changes.

ve7jtb avatar Sep 28 '23 14:09 ve7jtb

@ve7jtb, I see this proposal has been merged into WebAuthn: https://github.com/w3c/webauthn/pull/1957

Can you say how this affects SPC (if at all)? Thanks!

ianbjacobs avatar Dec 05 '23 19:12 ianbjacobs

See issue #271, which seeks to add device binding in light of the impact on passkeys.

ianbjacobs avatar Jun 18 '24 16:06 ianbjacobs