Enhancing E-commerce Security with Thetis FIDO2 Passkeys: A Case Study

Discover how a leading e-commerce platform improved its security and user experience by implementing Thetis FIDO2 Passkeys, achieving higher login success rates and reduced authentication times.

Updated on

In 2023, a large e-commerce platform (hereinafter referred to as "the Platform") decided to adopt FIDO2 Passkeys technology to address increasing cybersecurity threats and improve user experience. Globally, the adoption rate of FIDO2 Passkeys has risen significantly, with over 7 billion user accounts ready to use passwordless login methods​ (FIDO Alliance)​​ .


Before implementing FIDO2 Passkeys, the Platform faced several challenges:

  • Phishing Attacks: Traditional password and SMS OTP systems were susceptible to phishing attacks, posing a security risk to user accounts.
  • High Costs and Poor User Experience: While SMS OTP added a layer of security, its high operational costs and complex user experience led to decreased user satisfaction​ (Nitrokey)​​ (Bio Update)​.


To address these challenges, the Platform chose Thetis's FIDO2 security keys to implement FIDO2 Passkeys technology. This technology uses cryptographic key pairs to provide passwordless authentication, effectively preventing phishing attacks and simplifying the login process.

Implementation Process

1. Needs Analysis

  • Assessed the shortcomings of the existing system and identified security vulnerabilities and user experience issues.
  • Determined the primary problems and technical bottlenecks faced by users during the login process.

2. Supplier Selection

  • Chose Thetis as the supplier of FIDO2 security keys due to our products supporting multiple connection methods (USB, NFC, and Bluetooth), ensuring compatibility with various devices.

3. Technical Integration

  • Seamlessly integrated FIDO2 and Passkeys technology into the existing system, including adjustments to backend systems and frontend user interfaces.
  • Conducted multiple rounds of internal testing and small-scale user testing to ensure system stability and user experience.

4. User Training and Promotion

  • Introduced the new login method to users via email, platform announcements, and online tutorials, providing detailed usage guides.

Results and Impact

Key Data

  • Registered Users: After promoting FIDO2 and Passkeys, the Platform successfully attracted most users to register for the new system.
  • Success Rate: The login success rate with Passkeys reached 81.5%, significantly higher than the 73.2% with traditional SMS OTP.
  • Average Login Time: The average login time with Passkeys was 4.8 seconds, nearly four times faster than the 19 seconds with SMS OTP​.
  • User Feedback Users provided positive feedback, with many noting that the new system made logging in more secure and convenient, significantly improving the overall user experience.

Lessons Learned

  • Continuous Improvement: Implementing new technology and changing user habits require time and ongoing effort.
  • Importance of User Feedback: Timely collection and response to user feedback were crucial to the project's success.

Thetis Security Keys