Australian digital bank Ubank is expanding passkeys, a login technology that replaces passwords with cryptographic key pairs, to online banking.

Ubank, which is a division of National Australia Bank (NAB), says it is now the first Australian bank to offer passkeys on both mobile and online platforms after being the first in the country to launch the feature on its app in August 2024.

Passkeys are FIDO authentication credentials based on FIDO standards which allow users to sign in to apps and websites with the same process that they use to unlock their device, including biometrics, PIN, or pattern.

The FIDO Alliance is an open industry association that aims to change the nature of authentication with open standards for phishing-resistant sign-ins with passkeys.

With the technology, Ubank customers who’ve registered a Passkey in the app can use it to log into online banking.

The bank said it has seen strong adoption of the technology on its mobile app since the service launched.

The financial company reported that 90 per cent of digitally active users of the app had adopted Passkeys as their preferred login method, replacing traditional passwords and SMS codes with biometric and device-based authentication.

“By expanding this technology to online banking, we’re giving customers more choice and convenience, while strengthening protection against phishing and impersonation scams,” said Andrew Morrison, chief customer and digital officer at Ubank.

Morrison added the feature is part of the bank’s broader security strategy. “We are embedding protection into our products and features, so our customers can bank with confidence in an increasingly digital world.”

Other security services currently offered by Ubank include beneficiary confirmation, with the service verifying the name and account number entered against the receiving bank's records, providing a match result before the payment is made.

The company highlighted the growing importance of cybersecurity in financial services, citing security agency Australian Signals Directorate's 2024-25 annual cyber threat report which reveals that over 84,700 reports of cybercrime were recorded last year, many of which involved password theft and compromised credentials.

Ubank added that it will soon introduce smart prompts that adapt to customer behaviour to help verify payments and prevent fraud.

---