Passkeys are our most potent and versatile weapon in the war on phishing. To effectively win this war, we must understand our tools and the environment in which we operate. Over the last year, passkey adoption has gained momentum in consumer and enterprise use cases. However, organizations should aim to prevent their users from being phished, not just deploy passkeys.  

Organizations that want to defeat phishing must examine the entire user account lifecycle and the business processes for engaging with users. This evaluation will encompass each moment of engagement with the user and will require tools to evaluate the risks of that engagement.

Organizations must understand the environment in which passkeys operate and evaluate the passkeys they deploy. Passkeys are a very versatile tool, and there is more than one way to deploy them. They can be deployed as synced or device-bound passkeys, and understanding the differences between each will help you choose which one is right for your organization.

Attend this session to learn about:

• The different passkey implementations including synced passkeys, device-bound passkeys on general-purpose devices, and device-bound passkeys on devices purpose-built for security.
• Considerations for user onboarding, authentication risk, and account recovery as key components of an effective strategy to defeat phishing.
• Understand real-life enterprise scenarios and how to avoid common security and usability pitfalls.