The UK Government is planning to implement passkey technology for its digital services later this year.
AI and Digital Government Minister Feryal Clark announced the plan at the Government’s CyberUK event.
Passkeys are unique digital keys tied to specific devices that help users log in safely without needing an additional message or other code. When a user logs into a website or app their devices uses the key to prove their identity.
DSIT has indicated that it will support the use of Fast IDentity Online (FIDO) standards for passkeys, which are generated and stored on the devices.
Clark said: “The roll out of passkeys across GOV.UK services marks another major step forward in strengthening the UK’s digital defences while improving the user experience for millions.
“Replacing older methods like SMS verification with modern, secure passkeys will make it quicker and easier for people to access essential services — without needing to remember complex passwords or wait for text messages.
“This shift will not only save users valuable time when interacting with government online, but it will reduce fraud and phishing risks that damage our economic growth.”
Security on device
The National Cyber Security Council (NCSC) said the method is more secure because the key remains stored on the device and cannot be easily intercepted or stolen, making it phishing-resistant by design. If someone attempts to steal a password or intercept a code they would be unable to gain access without the physical device that contains the passkey.
It has announced its support for the Government’s move by joining the FIDO Alliance – the industry consortium aimed at reducing the “over-reliance” on passwords – to shape international passkey standards.
NCSC chief technical officer Ollie Whitehouse said: “The NCSC has a stated objective for the UK to move beyond passwords in favour of passkeys, as they are secure against common cyber threats such as phishing and credential stuffing.
“By adopting passkey technology, government is not only leading by example by strengthening the security of its services but also making it easier and faster for citizens to access them.
“We strongly advise all organisations to implement passkeys wherever possible to enhance security, provide users with faster, frictionless logins and to save significant costs on SMS authentication.”
