Passkeys: The more secure method of authentication

Eric Vo | Brale
Passkeys: The more secure method of authentication | Brale Blog

When it comes to moving money, authentication security is essential to the process.

Brale recently enabled the option for users to enroll in passkeys. Passkeys let you sign in with your face, fingerprint, or a hardware key. There is no password to remember, no magic link to look for, and significantly less exposure to phishing or email takeover.

This is one of the biggest upgrades yet to Brale’s customer authentication, and it positions us to deliver on the identity protection features fintech customers rely on.

What changed

Previously, Brale customers were offered the choice to authenticate via Google OAuth or a time-based one-time link to their email. It worked, but it had limits:

  • Attackers can intercept email links
  • It had limited options for authentication methods such as passkeys

We’ve integrated a new login page as Brale’s authentication front door. When you sign in, you’ll see a brand new interface where you are offered an additional, stronger method of authentication: passkeys. This can be expanded to include other providers in the future, as well as secondary factors, such as TOTPs.

WorkOS AuthKit sign-in screen showing passkey and other authentication options

Note

Existing users may see “Sign up for Brale” in their email when logging in for the first time with a temporary code.

Why passkeys matter for Brale customers

Passkeys are built on WebAuthN, which is a standard that allows users to authenticate via public-key cryptography (asymmetric cryptography). For Brale customers, this translates into real, everyday benefits:

Faster authentication

No more switching tabs and waiting for an email to come through to your inbox. If you've enrolled in a passkey, signing back in is usually one gesture: Touch ID, Face ID, or tapping your hardware key.

Resistance to phishing and business email compromise

Passwords and one-time links can be stolen or socially engineered, especially if business email is compromised. Passkeys are domain-bound, meaning they only work on the site they were created for and can never be used on a lookalike site.

Stronger customer authentication

Passkeys satisfy modern definitions of strong, phishing-resistant authentication. That matters as expectations around customer identity controls continue to rise.

Passkey enrollment screen in the Brale dashboard

The bottom line

Moving money requires trust. Trust starts at the front door.

Passkeys give Brale customers a faster, stronger method of authentication. The new authentication infrastructure offers a durable and flexible identity platform underneath it. Together, they’re a meaningful step forward for security, user experience, and the compliance posture customers expect from infrastructure that touches real funds.

Sign in and enroll your passkey today. Your future self (and your security team) will thank you.

How to enroll in passkeys

Existing user: Email [email protected] and we will get you set up.

New user: Sign up and continue with a passkey.

Contributors

  • Eric Vo | Brale
    Eric Vo
    InfoSec Intern