CAP-036 — Passkey / FIDO2 authentication¶
| Category | Security & trust |
| Business goal | Not yet linked to a business goal |
| Satisfying module | MOD-068 |
| Mode | GATE |
| BD owner | BD09 Technology |
| Human needed | No |
Passwordless login using FIDO2/WebAuthn passkeys stored in the customer's device secure enclave or a hardware key. Eliminates phishing risk from password-based authentication — the passkey cannot be stolen or reused on a different origin. MOD-044 issues the session JWT on passkey verification; MOD-045 manages the cryptographic key lifecycle.