passkeys.dev logo passkeys.dev logo
  • Docs 
  • Device Support 
  • About 
  •  
  •  
  •  
  •  
Docs
  • Intro
    • What are passkeys?
  • Use Cases
    • Bootstrapping
    • Reauthentication
  • Advanced
    • Client Hints
    • Related Origin Requests
  • Tools & Libraries
    • Libraries
    • Test & Demo Sites
  • Reference
    • Android
    • iOS & iPadOS
    • Chrome OS
    • macOS
    • Windows
    • Known Issues
    • Specifications
    • Terms
  • Intro
    • What are passkeys?
  • Use Cases
    • Bootstrapping
    • Reauthentication
  • Advanced
    • Client Hints
    • Related Origin Requests
  • Tools & Libraries
    • Libraries
    • Test & Demo Sites
  • Reference
    • Android
    • iOS & iPadOS
    • Chrome OS
    • macOS
    • Windows
    • Known Issues
    • Specifications
    • Terms

Known Issues

Share via
passkeys.dev
Link copied to clipboard

A list of known issues with passkey implementations

On this page
Passkey Metadata   Samsung Pass   User Verification  

Passkey Metadata  

Samsung Pass  

According to Samsung documentation ( source), Samsung Pass creates synced passkeys which are available on other devices where Samsung Pass is installed.

During testing on 2024-09-05, it was observed that passkeys created in Samsung Pass return the backup eligible flag as false, signaling a device-bound passkey.

Test device details:

  • Galaxy S22
  • Android 14 (UP1A.231005.007.S901USQS6EXG8)
  • One UI 6.1
  • Samsung Pass 4.4.02.7

View decoded details

{
  "id": "z6pL5MuQwkXlm8w5ekAiyVOFlNjeQylYhT-7zM7j7WU",
  "rawId": "z6pL5MuQwkXlm8w5ekAiyVOFlNjeQylYhT-7zM7j7WU",
  "response": {
    "attestationObject": "o2NmbXRmcGFja2VkZ2F0dFN0bXSjY2FsZyZjc2lnWEcwRQIgWXza-be0D1PEO71VmL0sK0vsFL23vXmuEWsIMDC630cCIQDI94Li83tC9ObYsl_KLeetJYJF1LYhX4P4-LrPleUQJmN4NWOBWQJoMIICZDCCAgigAwIBAgIJAPV8v0W8CvhMMAwGCCqGSM49BAMCBQAwgaYxHzAdBgNVBAMTFlNhbXN1bmcgRWxlY3Ryb25pY3MgQ0ExHDAaBgNVBAoTE1NhbXN1bmcgRWxlY3Ryb25pY3MxFzAVBgNVBAsTDlNhbXN1bmcgTW9iaWxlMRMwEQYDVQQHEwpTdXdvbiBjaXR5MQswCQYDVQQGEwJLUjEqMCgGCgmSJomT8ixkAQEMGlNhbXN1bmdEZXZpY2VSb290Q0FLZXlfRUNDMB4XDTIzMDkxOTA1NDkxNFoXDTQzMDkxNDA1NDkxNFowfzELMAkGA1UEBhMCS1IxHDAaBgNVBAoME1NhbXN1bmcgRWxlY3Ryb25pY3MxIjAgBgNVBAsMGUF1dGhlbnRpY2F0b3IgQXR0ZXN0YXRpb24xLjAsBgNVBAMMJVNhbXN1bmcgRWxlY3Ryb25pY3MgRklETzIgQXR0ZXN0YXRpb24wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQZokK4d5QdhN9fFJTb_T206U1WmxQRCJbqb-UCaq9siPVKBA6TaSrPCIU8GjeXbUa85FYYH6EMWh_QOnNjQWWbo0MwQTAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB_wQEAwIGwDAhBgsrBgEEAYLlHAEBBAQSBBBTQU1TVU5HAAAAAAAAAAAAMAwGCCqGSM49BAMCBQADSAAwRQIhAIBCXe_4AlECip2G3nTS0GrRtIHbaVW_0hLy8ys3EdyoAiAETMcz76gqzLoHQODkkk_nbSEu0WAGPh7bK3Y-1m6uZWhhdXRoRGF0YVikdKbqkhPJnC90siSSsyDPQCYqlMGpUKA5fyklC2CEHvBFAAAAAFNBTVNVTkcAAAAAAAAAAAAAIM-qS-TLkMJF5ZvMOXpAIslThZTY3kMpWIU_u8zO4-1lpQECAyYgASFYIE5HQDsE0Z0KrevEm67wFwN43o9B8hNQgl3VIW-iuaTMIlgg3BPaZ-68R9E0dl-viKQdjLB_7QY9zWdPD11YoP00T4I",
    "clientDataJSON": "eyJ0eXBlIjoid2ViYXV0aG4uY3JlYXRlIiwiY2hhbGxlbmdlIjoiaGJBaUtkcE5YOTBFYVlZTlAtaVFTbjBGTGlHSnFCUFdUQUJEbkI4ZnhxenNpQzdxNlYxUUNJcUZMTlVwdTBMQWx5WHMxaE1ETFhOVld6N0hOQl8wanciLCJvcmlnaW4iOiJodHRwczovL3dlYmF1dGhuLmlvIiwiY3Jvc3NPcmlnaW4iOmZhbHNlLCJvdGhlcl9rZXlzX2Nhbl9iZV9hZGRlZF9oZXJlIjoiZG8gbm90IGNvbXBhcmUgY2xpZW50RGF0YUpTT04gYWdhaW5zdCBhIHRlbXBsYXRlLiBTZWUgaHR0cHM6Ly9nb28uZ2wveWFiUGV4In0",
    "transports": [
      "hybrid",
      "internal"
    ],
    "publicKeyAlgorithm": -7,
    "publicKey": "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAETkdAOwTRnQqt68SbrvAXA3jej0HyE1CCXdUhb6K5pMzcE9pn7rxH0TR2X6-IpB2MsH_tBj3NZ08PXVig_TRPgg",
    "authenticatorData": "dKbqkhPJnC90siSSsyDPQCYqlMGpUKA5fyklC2CEHvBFAAAAAFNBTVNVTkcAAAAAAAAAAAAAIM-qS-TLkMJF5ZvMOXpAIslThZTY3kMpWIU_u8zO4-1lpQECAyYgASFYIE5HQDsE0Z0KrevEm67wFwN43o9B8hNQgl3VIW-iuaTMIlgg3BPaZ-68R9E0dl-viKQdjLB_7QY9zWdPD11YoP00T4I"
  },
  "type": "public-key",
  "clientExtensionResults": {
    "credProps": {
      "rk": true
    }
  },
  "authenticatorAttachment": "platform"
}

User Verification  

The following list of passkey providers have not implemented User Verification in a spec-compliant manner.

ProviderArchitectureuv=requireduv=preferred
1PasswordExtension❌ Handles request without performing UV, sets UV true❌ Sets UV true without performing UV
1PasswordNative✅ Performs UV✅ UV flag accurate
BitwardenExtension❌ Handles request without performing UV, sets UV true❌ Sets UV true without performing UV
KeepassXCExtension❌ Handles request without performing UV, sets UV true❌ Sets UV true without performing UV
Okta PersonalExtension❌ Handles request without performing UV, sets UV true❌ Sets UV true without performing UV
Okta PersonalNative✅ Performs UV✅ UV flag accurate
Proton PassExtension❌ Handles request without performing UV, sets UV true❌ Sets UV true without performing UV
Proton PassNative❌ Handles request without performing UV, sets UV true❌ Sets UV true without performing UV
StrongboxNative❌ Handles request without performing UV, sets UV true❌ Sets UV true without performing UV

Architecture: Extension = web browser extension, Native = OS native app using provider APIs

Last Updated: May 31, 2025
On this page:
Passkey Metadata   Samsung Pass   User Verification  
passkeys.dev
passkeys.dev
This site is brought to you by members of the W3C WebAuthn Community Adoption Group and the FIDO Alliance.
CC BY-NC-ND 4.0 | Privacy Policy
 
Links
Docs 
About 
Device Support 
Resources
Passkey Central 
Dev Discussions 
FIDO Alliance 
Tools
Client Feature Detect 
WebAuthn Response Decoder 
passkeys.dev
Code copied to clipboard