Find out more about planning and assessment of passkey rollouts on our blog.

Enterprise Passkeys: Initial Assessment and Planning

Passkeys are revolutionizing the way enterprises manage user authentication, enhancing security, improving user experience, and reducing costs associated with SMS OTPs. Implementing them at scale requires a structured approach, beginning with a thorough initial assessment and planning phase.

Why Start with Assessment?

Before diving into implementation, enterprises must evaluate key areas to ensure a seamless transition to passkeys. This phase provides clarity on device compatibility, application interactions, and the existing MFA landscape.

1. Device Landscape Analysis

Assessing your user base's devices is crucial for passkey readiness. Use tools like Google Analytics or StatCounter to gather insights on:

• Operating Systems and Versions: Identify the distribution of systems like iOS, Android, Windows, or macOS, and ensure they're passkey-compatible.
• Browsers and Versions: Determine browser preferences and confirm WebAuthn support.
• Activation Status: Ensure key features like Touch ID, Face ID, or Windows Hello are enabled.

If you lack detailed user data, rely on global statistics to approximate compatibility. This analysis helps you estimate adoption rates and ROI for passkeys.

2. Mapping the Application Landscape

Understanding how your applications interact with the authentication system ensures backward compatibility and a smooth rollout.

Key considerations include:

• Connected Applications: Distinguish between web-based, mobile-native, or WebView-based apps.
• Update Strategies: Plan for mandatory updates or deactivation of older versions to ensure uniform compatibility.
• Integration Complexity: Tailor your approach based on whether your system is custom-built, open-source, or managed by external providers.

Backward compatibility and dual-system operation during the transition are essential to avoid disruptions.

3. MFA Landscape Evaluation

Transitioning from traditional MFA methods like SMS OTPs to passkeys requires understanding:

• User Enrollment States: Identify whether users are enrolled in optional or mandatory MFA setups.
• Fallback Mechanisms: Maintain existing methods during the transition to ensure security and trust.
• User States: Evaluate device readiness and MFA types to address compatibility gaps.

Mapping these details ensures a secure, user-friendly migration process.

Tools to Simplify the Process

For enterprises, manual assessment can be resource-intensive. Solutions like Corbado's Passkeys Analyzer offer:

• Accurate Data Collection: Gather insights on device compatibility and platform readiness with a lightweight JavaScript integration.
• Customizable Deployments: Maintain compliance with private deployment options for data-sensitive organizations.
• Expert Reports: Receive actionable insights tailored to your specific landscape.

Conclusion

Starting with a solid assessment sets the stage for a successful passkey implementation. By analyzing your device landscape, mapping application interactions, and understanding your MFA setup, you can enhance security, improve user experience, and reduce costs.

Explore the full guide to enterprise passkeys:
Part 1 - Initial Assessment and Planning
Part 2 - Stakeholder Engagement
Part 3 – Product, Design & Strategy Development
Part 4 – Integrating Passkeys Into an Enterprise Stack