Costs and Benefits of Implementation of Support for Passkeys
It is important to understand the costs and benefits of implementing support for passkeys. This section is intended to help you examine relevant costs and benefits for your organization.
Advantages of passkeys
When compared with other authentication methods, the benefits of any passkey solution includes:
- Proven and secure technology
- Reductions in phishing, credential stuffing, and attack surface
- Based on robust, open FIDO standards
- Reduced cost as you do not need to purchase proprietary software solutions
- Supported by virtually every modern computing device and browser
- Are already being used at scale
- Greater ease of use
- Higher sign-in success rates
- Faster time to sign in
- Improved bottom line
- Lower rate of cart abandonment
- Reduction in need for password resets during account recovery
- Lower costs for authentication
- Decrease in need for customer support
- Increase in customer loyalty and retention
Compare the costs and benefits
For many companies, the costs, benefits, and risk profiles of various of authentication methods is not always obvious or documented holistically. As your organization considers new approaches to authentication, you can compare the costs and benefits of each. During this process, you should also apply your own unique requirements to each option.
When considering support for passkeys, an essential business planning step is to copy and adapt these considerations to build an inspirational business case for the adoption of passkeys that you can refine and socialize throughout your organization.
Refer to following table to better understand the range of authentication costs and benefits by comparing the relative costs and benefits of five common consumer authentication technologies.
| Password | Synced Passkey | Password + OTP | Security Key (device-bound passkey) | ||
|---|---|---|---|---|---|
| Benefit analysis | |||||
| Phishing resistant | No | 🟢 Yes | No | 🟢 Yes | |
| Multi-factor | No | 🟢 Yes | 🟢 Yes | 🟢 Yes | |
| NIST AAL2 | No | 🟢 Yes | 🟢 Yes | 🟢 Yes | |
| NIST AAL3 | No | No | No | 🟢 Yes | |
| Cognitive load for end users | Medium | 🟢 Low | High | 🟢 Low | |
| Speed to sign in | Slow | 🟢 Fast | Very slow | 🟢 Fast | |
| First try sign-in success rate | Low | 🟢 High | Low | 🟢 High | |
| Rate of end user task abandonment | High | 🟢 Low | High | 🟢 Low | |
| Cost analysis | |||||
| Initial cost to deploy the technology | 🟢 Low | Medium | Medium | High | |
| Maintenance costs of the technology | 🟢 Low | 🟢 Low | High | Medium | |
| Contact center costs due to authentication issues | High | 🟢 Low | High | Medium | |
| Volume of fraud cases and remediation costs due to the security model of the authentication | High | 🟢 Low | Medium | 🟢 Low | |
| Volume of account lockout due to authentication issues | High | 🟢 Low | High | 🟢 Low | |
Initial cost to deploy the technology: The cost for common authentication technologies is applicable to a range of technology acquisition approaches such as: building the technology in-house, purchasing the technology from a solutions provider, or implementing technologies that are already accounted for as sunk costs. For example, a Consumer Identity and Access Management (CIAM) system which is paid for and in use already might offer new authentication technologies without additional licensing fees.
Security keys and credential managers: Security keys are hardware devices available for purchase. It is a best practice for end users to enroll two security keys, one for everyday use and a backup that is stored in a safe place. Security keys can also be combined with other passkey solutions to ensure there is coverage if a device is lost or stolen. Some credential managers are included with operating systems and some are third party add-ons. The cost of security keys and credential managers vary depending on the vendor and features offered.
OTP: Since passkeys are more secure than passwords, the online service’s authentication risk-engine can reduce the use of step-up OTP in many common scenarios, therefore saving SMS costs.
Contact center costs: Service providers commonly reference 30% to 60% of contact center costs attributed to account lockout caused by password and OTP issues.
