GenAI Makes Passkey More Important For Online Security

JAKARTA The sophistication of Generative AI (GenAI) is now bringing new threats in cyberspace, making it easier for attackers to create very convincing phishing websites, even without coding expertise.

This situation increases the urgency of online security, and this is where the role of passkeys becomes more important than ever to protect yourself from the growing threat.

In the past, building websites such as Microsoft FrontPage or Adobe Dreamweaver did make it easier to create websites, but they still need a little expertise to produce a good look. Now, thanks to GenAI, you can create a website with just a simple text order. This convenience, unfortunately, is also used by the attackers.

One way hackers get your password is through phishing attacks. These attacks are usually disguised to convince victims that the websites, SMS, or emails they open come from legitimate contacts.

Then, when the victim clicks on or enters sensitive details such as their password, hackers use that information to log into the victim's original account.

Well, this is where GenAI and passkey play a role. Thanks to GenAI, users with little or no knowledge of coding or design can create content instantly. These tools are very powerful and can assemble websites that look like the original.

That is, attackers need not be proficient in technology to create websites similar to your bank. According to researchers in Okta, "This observation signifies a new evolution in the use of Generative AI by threat actors who have demonstrated the ability to produce functional phishing sites from simple text commands."

Therefore, using security tools such as passkeys removes the old password system and makes the login process much safer.

Passkey is created as an alternative to traditional passwords. This system relies on biometrics or devices that you may only have and use. For example, if you enable the passkey on your Google account and want to log in to the account, instead of entering the password as usual, the passkey will ask for authentication from your authentication device, such as your smartphone.

You can then use your phone's biometrics to confirm that you are the person you claim to be. Unless the attacker has physical access to you, it is almost impossible for them to "trick" you.

Passkey is also safer than Two-Factor Authentication (2FA) which relies on OTP (One-Time Password) sent to your phone. While 2FA is safer than traditional passwords, SIM swap attacks can easily cancel them out.