Consumers Consider Passwordless Logins Key to Overcoming All-in-One App Security Concerns

Given the proliferation of various apps, many consumers in the United States are eager for a more convenient way to manage their banking and shopping needs all within a single platform.

In fact, a joint PYMNTS-PayPal study shows that nearly 100 million individuals in the U.S. and Australia are interested in using an all-in-one finance and shopping app. In the U.S. alone, one-third of all consumers surveyed said they are highly interested in using an everyday app.

However, despite this strong desire for a convenient all-in-one everyday app, most Americans (55%) feel uneasy about the overall safety of these apps, especially when it comes to protecting their personal and financial information as they shop and bank online. In fact, 64% of consumers in the U.S. expressed reservations about an everyday app’s ability to safeguard sensitive personal data.

This concern is even higher among shopping-focused U.S. consumers, 67% of whom cited data security as a barrier to adopting an everyday app.

To overcome these security concerns, consumers expect robust security features in an everyday app. The most important security feature they put on their most-wanted list is two-factor authentication or passkeys for login, which were selected by 25% in the U.S.

Data encryption is also highly valued, with 24% of American consumers considering it crucial to secure all-in-one apps. “Potential users also care who provides the app — they perceive banks and PayPal as the most trusted merchants to deliver a high-quality and secure experience,” the report added.

These security features — along with opt-in permission for data sharing and notifications if information is found on compromised websites — can help alleviate consumer concerns and increase trust in everyday apps. As the report noted, “trust is central to the equation for the adoption of an everyday app.”

Passkeys Make the Most-Wanted Security List

Passwords — and even one-time passcodes (OTPs) — render consumers vulnerable to fraudsters. It’s a challenge that passkeys, which offer a more convenient and secure passwordless sign-in experience, can help solve.

Tech giants including Microsoft, Google and Apple have been leading the way, and earlier this year Google announced the addition of passkeys as an option for Google Accounts and 2-Step Verification (2SV).

According to the tech firm, passkeys offer an easier and more secure alternative to passwords, enabling users to “sign in to apps and sites the same way they unlock their devices: with a fingerprint, a face scan or a screen lock PIN,” Google said at the time. “And, unlike passwords, passkeys are resistant to online attacks like phishing, making them more secure than things like SMS one-time codes.”

Prior to that in March, PayPal, which was among the first financial service companies to deploy passkeys, began rolling out the digital credentials for Google Android devices to add an extra layer of security for the growing share of consumers who want password-free commerce.

At the time, the company said the “cutting-edge security standard is significant as passkeys will eventually address one of the biggest security problems on the web, which is the weakness of password authentication, because passkeys are highly resistant to phishing, credential stuffing and other remote attacks.”

And in June, Gerhard Oosthuizen, chief technology officer at Entersekt, and Mike Storiale, vice president of innovation development at Synchrony Bank, discussed this move from passwords to passkeys in an interview with PYMNTS, highlighting the need for banks to run passkeys and other options “in parallel” with passwords OTPs as they weigh the desired seamless experience against security concerns.

“Many of the financial institutions who are wondering how they’re going to start to implement this,” Storiale said of passkeys, “are probably looking at” that shift with concern. However, passkeys, said Oosthuizen, sit in a “sweet middle spot” where most consumer journeys could be facilitated by a simple face ID or a simple touch ID, as passkeys tie several devices together.