DoorDash shares their experience rolling out passkeys across their platform, covering how passkeys work technically (WebAuthn, FIDO2, public key cryptography), their phased rollout strategy starting with native mobile, and practical lessons learned. Key technical details include the registration and assertion flows, use of the WebAuthn Signal API for client-server sync, and handling platform/browser inconsistencies on iOS and web. Benefits cited include 4x improvement in user conversion, halved login time, and reduced phishing risk. The post also covers conditional passkey creation in newer Chrome and Safari versions for seamless silent upgrades from passwords.
Sort: