Passkeys and Wallets: Building a Coherent Path from Identity Proofing to Everyday Authentication

Passkeys and digital identity wallets are often discussed as competing solutions for modern authentication and digital identity. In practice, they address different, but tightly connected, problems.

Passkeys provide phishing-resistant, privacy-preserving authentication that can scale to billions of users. Digital identity wallets, backed by verifiable digital credentials, enable high-assurance identity proofing and selective disclosure of attributes when trust, compliance, or risk demands it. The challenge facing implementers, policymakers, and platform providers is not choosing one over the other, but understanding how they work together across enrollment, authentication, recovery, and high-risk transactions.

This half-day workshop, presented in conjunction with the FIDO Alliance, explores how passkeys and wallets form a complementary architecture rather than a competitive one. Drawing on real-world deployments and the FIDO Alliance white paper, Passkeys and Verifiable Digital Credentials: A Harmonized Path to Secure Digital Identity, the session will clarify roles, boundaries, and best practices for combining phishing-resistant authentication with verified digital credentials.

Participants will examine:

• What passkeys are and how they are deployed;
• The distinction between identity proofing, authentication, and authorization, and why conflating them creates security and privacy risks;
• How passkeys act as the secure gateway to wallets, while wallets provide verified attributes only when needed;
• Where wallets should be used for enrollment, recovery, and high-assurance actions, and where they should not be used;
• Regulatory and policy drivers shaping adoption, including eIDAS 2.0, NIST SP 800-63, and emerging global trust frameworks;
• Practical deployment patterns across government services, financial services, healthcare, education, and consumer platforms.

The workshop is designed to be interactive and practical, helping attendees move beyond hype and toward implementable architectures. By the end of the session, participants will have a clearer mental model for when to use passkeys and wallets, and how to design systems that preserve privacy, improve security, and scale globally without creating unnecessary friction for users or relying parties.