But most passkey providers don’t return attestation data. How do you get the dat... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		yladiz 89 days ago \| parent \| context \| favorite \| on: The cryptography behind passkeys But most passkey providers don’t return attestation data. How do you get the data?

parliament32 89 days ago [–]

Attestation is not provided by the passkey provider itself, but the OS.

For example, iOS uses the App Attest service (https://developer.apple.com/documentation/devicecheck/prepar...). On Android, you get it from Google Play Services (https://developer.android.com/google/play/integrity/overview) then the built in key attest service (https://developer.android.com/privacy-and-security/security-...). MS Authenticator does all the legwork and returns the results to you at sign-in time.

On Windows, WHFB has this built in (obviously). On macOS, this comes from Platform SSO (https://support.apple.com/en-ca/guide/deployment/dep7bbb0531...).

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact