Amazon is rolling out support for access keys, but there’s a catch

Amazon is rolling out support for access keys, but there’s a catch

Amazon has rolled out support for access keys as it becomes the latest tech giant to join the password-free future. But you may have to save your Amazon password for a while longer, TechCrunch reports.

The option to install an access key is now available on the Amazon website. This allows users to log in using biometric authentication on their device, such as a fingerprint or face scan.

These actions make it much more difficult for attackers to remotely access user accounts, given that they also need physical access to the user’s device.

But the introduction of access keys at Amazon is not without problems, said Vincent Delitz, co-founder of the German technology startup Corbado, which first documented the emergence of support for access keys on Amazon.

The expert said there is currently no support for access keys in Amazon’s native apps, such as the Amazon shopping app or Prime Video, which TechCrunch also reviewed, meaning you still need to use a password to log in.

Additionally, if a passkey is set up but two-factor authentication (2FA) was previously set up, Amazon will still prompt you to enter a one-time verification code when you sign in. Delitz called this move “extra”, because passkeys eliminate the need for 2FA because they are stored on your device.

Amazon said on its website:

“You’ll still need to confirm the OTP after logging in with your passkey“.

However, she did not explain why. It’s unclear whether the requirement for 2FA codes is a temporary feature and whether Amazon plans to add passkey support to its mobile apps.

It’s also not yet known if passkey support has been made available to all Amazon users, although TechCrunch has confirmed that the feature is available in the US, UK, France and Germany.

Amazon spokesman Adam Montgomery declined to answer questions from TechCrunch, but noted that Amazon “in the early stages of adding access key support for to give customers another secure way to access their accounts. We’ll have more to share soon.”.

Access keys appeared on Amazon when WhatsApp announced, bringing passkey support to all Android users, and just days after Google announced plans to make passkeys the default sign-in method for all Google Account holders. GitHub, Windows 11, TikTok, and 1Password have rolled out access key support.

Subscribe to ProIT in Telegramso you don’t miss a post!

Related posts