- Government drops SMS logins, replacing them with secure, phishing-proof passkeys
- Passkeys cut login times and costs while boosting digital service access
- UK joins FIDO Alliance to shape the future of secure authentication
The UK government has said it will roll out passkey technology across its digital services later in 2025, aiming to phase out SMS-based verification in favour of a more secure, user-friendly alternative.
Passkeys are unique digital credentials tied to a user’s personal device and offer a way to authenticate identity without the need for traditional passwords or one-time text codes.
Passkeys never leave the device and so cannot be reused across websites, which makes them resistant to phishing and other common attacks.
Strengthening cyber resilience
The UK’s National Cyber Security Centre (NCSC) said the shift to passkeys will strengthen national cyber resilience.
“The NCSC has a stated objective for the UK to move beyond passwords in favor of passkeys, as they are secure against common cyber threats such as phishing and credential stuffing,” said Ollie Whitehouse, NCSC Chief Technical Officer.
“By adopting passkey technology, government is not only leading by example by strengthening the security of its services but also making it easier and faster for citizens to access them.”
This rollout could also save the government millions annually by removing SMS-based costs, while reducing the average login time for users.
“Replacing older methods like SMS verification with modern, secure passkeys will make it quicker and easier for people to access essential services," AI and Digital Government Minister Feryal Clark said.
The NCSC has also joined the FIDO Alliance, an international group working on standards for passwordless login.
“The UK government’s adoption of passkeys across its digital services reflects a profound decision that stands to protect UK citizens while providing the government with greater security and operational efficiency,” said Andrew Shikiar, Executive Director and CEO of the FIDO Alliance.
While passkeys are not without challenges, such as recovery options, device syncing, and inconsistent platform support, the government views them as the future of digital identity. The NCSC says it is actively working with vendors and international bodies to address the issues with passkeys and accelerate adoption.
