Infinex bets on passkeys to access 100 crypto DApps — but is it safe?

Using your thumbprint and phone to log in to crypto sites and approve transactions is very convenient — but how does its security compare to a hardware wallet?

Infinex is beta testing a new Chrome browser extension that enables users to log in to the top 100 crypto sites across 20 chains using any old phone with fingerprint or face unlock.

Using a phone passkey tied to a Google or Apple account to log in and approve crypto transactions is arguably a lot easier for new users than learning about wallets and seed phrases, and more convenient for existing users than approving every transaction using a Ledger or Trezor.

“Figuring out the seed phrase security, and private key OpSec et cetera, is challenging for most people, and it has been a filter for getting people on chain,” founder Kain Warwick told Cointelegraph in Singapore last week.

But while passkey systems offer very good security, they are not as bomb-proof as dedicated crypto hardware wallets, which are almost impossible to hack. 

As hardware wallet manufacturer Ledger points out, non-dedicated devices come with the risk that the screen could be compromised to trick users into signing malicious transactions, as seen in the recently patched Unity Android game platform vulnerability.

Read more