Skip to main content

Passkey

Passkeys, the evolution of FIDO2 tokens, are now integrated into multi-factor authentication systems, providing strong security with both single and multi-factor options. They offer a seamless, passwordless login experience, often without the need for usernames, by utilizing passkey protocols. Modern passkeys are increasingly supported on smartphones, eliminating the need for dedicated hardware tokens. These passkeys leverage the phone's built-in security features, such as biometrics (fingerprint or facial recognition) and device PINs, to authenticate users. Connectivity methods like NFC, Bluetooth, or cloud-based solutions allow these mobile devices to serve as convenient and secure authentication tools, making passkeys easier and more accessible than ever.

Passkey token configuration with an iOS device (iPhone or iPad)

1 Click the + button to add a new token
2

Select the Passkey token type.

You can also add a Description, that can help you to discern multiple tokens of the same type. For example, you can add Personal iPad or Company Phone.

image.png
3 Select iPhone, iPad or Android device

Snímek obrazovky 2024-09-10 101255.png
4 Scan the QR code with your device. And affirm the token addition.

Snímek obrazovky 2024-09-10 101328.png
5 Token successfully added.


Passkey token complete configuration and enrollment procedure in Windows

The Passkey token has to be configured in the Windows system for use in MAYI ID first -> PIN and fingerprint (depending on the type of the Passkey token).

If the Passkey token is already registered (PIN and/or fingerprint) in Windows then continue to the step 15.

1

Prepare your Passkey token and insert it into the USB slot.

image.png

2

Open Settings in your Windows and go to the Accounts section. Scroll down and find the Sign-in options menu item.

3

Find the Security key option, expand it and press the MANAGE button.

image.png

4

The system will ask the user to touch the inserted token

image.png

5

The configuration modal window will be opened

image.png

6

The first step is to set up the Security Key PIN for the Passkey token - press the ADD button.

image.png

7

Insert the New security key PIN (twice) and press the OK button.

8

If the Passkey is fingerprint type the fingerprints could be registered.

Note: If the Passkey token doesn't have a fingerprint reader then the registration in Windows is done and now it's possible to continue with the enrollment of the Passkey token in the MAYI ID system (step 15).

image.png

9

Press the SETUP button for the configuration of the Security key Fingerprint.

10

Insert the newly set Security key PIN and press the OK button.

image.png

11

Touch the fingerprint section of the Passkey token with your chosen finger to register the fingerprints.

image.png

12

Repeatedly touch the Passkey token with the chosen finger till the complete fingerprint is scanned.

image.png

13

When the scanning is completed the successful message will be displayed. Then press the button DONE.

Note: there can be more fingers registered within the Passkey token

image.png

14

The registration of the Passkey token for use within the MAYI ID now continues in the MAYI ID application in Selfservice - left the token in the USB slot.

15

Login to Selfservice, go to the ACCOUNTS section - the TOKENS tab is displayed - and press the button NEW [  ] on the right side of the screen.

image.png

16

The form for the new token is opened -  choose the Passkey from the Token type drop-down menu, optionally fill in the Description field and press the SAVE button.

  • The names of all tokens are created by the administrator - it may vary.

17

The first registration dialog is opened. Choose the EXTERNAL SECURITY KEY option.

image.png

18

Confirm the request from your browser for the MAYI ID system - press the OK button.

image.png

19

Confirm the next step - information about creating a new record in the Passkey token related to Selfservice - press the OK button.

image.png

20

Touch the Passkey.

image.png

21

If everything is ok, then the message about successful enrollment of the Passkey token is displayed and the new token is now available in the list of tokens. Also, this token can be used for the login to the MAYI ID.

Passkey token enrollment process on mobile devices - only for NFC type of tokens - for iOS only

1

Choose the Passkey template from the Token type drop-down menu

The template name depends on administrator's settings

  

2

Insert the description optionally and press the SAVE button.

  

3

Attach the token to the top of the mobile phone to read the NFC token and follow the instructions of your mobile device:

  1. set the Security key and press CONTINUE
  2. insert PIN for the NFT token and press CONTINUE
  3. leave the token on the top of the mobile to re-read the NFT token

  

image.pngimage.png

image.png

 

4

If everything is done correctly then the message about successful enrollment will be displayed and the token will be activated.

image.png


Passkey token enrollment process on mobile devices - only for NFC type of tokens - for iOS only

1

Press the TEST button.


2

The system connects to your token and asks for authentication - fingerprint reading/pin entry (depending on the token type). 

3

If everything is ok, then the successful message will be displayed.
Back to top