I. What is Passkey + Biometric Authentication?
1. Passkey is a password-free authentication method. Through encryption key pair technology, it generates a unique credential for your MGBX account, which is firmly bound to the account and cannot be stolen by phishing attacks. It fundamentally reduces risks such as password leakage and credential stuffing, making it more secure than traditional password + OTP verification.
2. MGBX integrates Passkey with device biometrics (fingerprint recognition, facial recognition). You no longer need to remember complex passwords or manually enter verification codes. Simply use your device's common unlocking method (fingerprint, face) to quickly complete operations such as login and transaction verification.
3. Core Advantages Compared to Traditional Verification Methods
- More Secure: Based on asymmetric encryption technology, the private key is stored only on your device, not transmitted or stored on MGBX servers, completely eliminating the risks of password leakage, SIM swapping, and phishing attacks.
- More Convenient: No need to remember complex passwords, no need to receive and enter verification codes. Biometric authentication with one click.
- Cross-Device Sync: Supports Passkey synchronization via iCloud Keychain (Apple devices) and Google Keystore (Android devices).
Friendly Reminder: Biometric information is stored only on your local device and is never uploaded to MGBX servers. The server only confirms the successful result of biometric verification, comprehensively protecting your privacy and security.
II. Complete Process for Creating a Passkey
Prerequisites:
- Already logged in to your MGBX account;
- Device supports biometrics (fingerprint/face) and has device biometric unlocking enabled;
- Android devices need to be upgraded to 9.0+, iOS devices to 16.0+, Web needs to use mainstream browsers supporting Passkey like Chrome, Safari.
(A) Creation Process on iOS (iPhone/iPad)
- Open the MGBX iOS App (version 1.5.0 or higher), click [Profile] in the top right corner to enter the Personal Center.
-
In the Personal Center, find [Security Center], click to enter, scroll down to find the [Passkey] module.
- Click [Add Passkey]. The system will prompt you to verify the current account identity (complete existing 2FA verification, such as Google Authenticator or SMS verification).
- After identity verification passes, a confirmation pop-up will appear. Verify your MGBX account and click [Continue].
- The system automatically invokes the iOS device's biometric authentication (Face ID/Touch ID). After successful verification, you will be notified that the "Passkey has been created and bound".
- If you have iCloud Keychain enabled, the created Passkey will automatically sync to all Apple devices logged into the same Apple ID, without needing to create it again. If not enabled, the system will prompt you to enable iCloud Keychain for cross-device use.
- After creation, you can view the bound key in the [Passkey] page, modify the key name (to distinguish devices), completing the entire creation process.
(B) Creation Process on Android
- Open the MGBX Android App (version 1.5.0 or higher), click [Profile] in the top right corner to enter the Personal Center.
- Go to [Security Center], scroll down to find the [Passkey] module, and click [Add Passkey].
- First, complete account identity verification (existing 2FA verification, like Google Authenticator or SMS). After verification passes, verify account information and click [Continue].
-
The system will display a verification method selection pop-up, allowing you to choose one of three methods:
- Method 1: Device Biometrics (Fingerprint/Face) – Directly invokes the device's built-in biometric function; creation completes after successful verification.
- Method 2: USB/NFC Security Key – Insert a USB security key or tap an NFC security key to the back of the device; create after verification.
- Method 3: Google Keystore – If Google Password Manager is enabled, you can sync Passkey through it for use across Android devices.
- After verification, the system prompts "Passkey created successfully". You can modify the key name on the corresponding page to complete the creation process.
(C) Creation Process on Web (Computer Browser)
- Open a browser (latest version of Chrome, Safari recommended), visit the MGBX official website, and log in to your account.
- Click the profile picture in the top right corner, select [Account Settings] from the dropdown menu, and after entering, find [Security Center].
- In Security Center, find [Passkey] and click [Add Passkey].
- Complete account identity verification (existing 2FA verification). After confirming the account email is correct, click [Continue].
-
The system will display a verification method selection pop-up; choose according to your needs:
- Method 1: Local Computer Verification – If the computer supports biometrics (like Mac's Touch ID), verify directly via biometrics to complete creation. Without biometrics, enter the computer system PIN for verification.
- Method 2: USB/NFC Security Key – Insert a USB security key or tap an NFC security key to the computer; create after verification.
- Method 3: Mobile Phone Verification – Click [Other Device] to generate a QR code. Use a phone with an MGBX Passkey bound to scan the QR code and verify via the phone's biometrics to complete creation.
- After successful verification, the browser will prompt "Passkey saved". Meanwhile, the MGBX page shows creation success. You can modify the key name to complete the creation process.
(D) Renaming Process
- Locate the Passkey you need to rename.
- Click the [Rename] icon. An input box will appear; enter your custom name (e.g., "My iPhone 17", "iPad Pro", "Huawei Mate 60". It's recommended to use device-specific names for easy identification).
- After entering, click [Confirm]. The system prompts "Rename successful". Return to the list to view the modified name.
(E) Deletion Process
- Locate the Passkey you need to delete and click on it to enter the details page.
- Click the [Delete] icon. The system will display a confirmation pop-up, prompting "After deletion, this device will not be able to log in using this Passkey. Confirm deletion?"
- Click [Confirm Delete]. The system will require account identity verification (complete 2FA verification). After successful verification, the Passkey will be immediately deleted.
- After successful deletion, the system will prompt "Passkey deleted". The key will be removed from the list. If iCloud sync is enabled, the corresponding Passkey on associated devices will also be deleted simultaneously.
III. Frequently Asked Questions (FAQ)
- Can I still use password login after enabling Passkey?
Yes. Passkey is an additional verification method and does not replace the original password login. You can choose between "Password Login" or "Passkey + Biometric Login" based on your needs, providing double protection for greater peace of mind.
- Can I still use Passkey after changing devices?
Yes. If you have enabled cross-device sync (iCloud Keychain, Google Keystore), after changing devices, simply log in to the corresponding account (Apple ID/Google Account) to sync your Passkey. If sync is not enabled, you can recreate the Passkey on the new device; the Passkey on the original device will still work normally.
- What if I forget my device unlock password (or biometrics fail) and cannot use Passkey?
You can log in to your account using the original MGBX login method (password + 2FA), go to [Security Center], delete the invalid Passkey, and then create a new Passkey.
- Can Passkey be bound to multiple devices?
Yes. One MGBX account can be bound with multiple Passkeys corresponding to different devices (phones, computers), making it convenient for multi-scenario use. Passkeys on different devices are independent and do not affect each other. (However, only one Passkey can be added per device type.)
- Does renaming a Passkey affect login or sync functions?
No. Renaming only changes the display name of the Passkey, not its core verification credential. It does not affect login, transaction verification, or cross-device sync functions. It is simply to help you distinguish Passkeys on different devices.
-
Can I re-create and bind a device after deleting its Passkey?Yes. Deleting a Passkey only unbinds that specific device from the account. There are no restrictions on recreating it later. You can simply follow the creation process for the corresponding terminal again.
- What if some Android devices do not support Passkey during login?If your device indicates that Passkey is not supported, we recommend switching to another device or using other secure login methods.
IV. Friendly Reminders
- Please take good care of your device to prevent loss and unauthorized use of your Passkey.
- It is recommended to set a lock screen password (or biometric unlock) for your device to further enhance Passkey security.
- If your device is lost, immediately log in to your MGBX account and delete the Passkey bound to that device to prevent account security risks.
- If you need help, you can contact MGBX official customer service, and we will provide you with one-on-one guidance.
- When renaming a Passkey, it is recommended to use a clear device identifier name to avoid confusion. Before deleting a Passkey, please ensure the device is idle or no longer in use to avoid accidental deletion affecting normal login.
Security is the cornerstone of trading, and convenience is the original intention of our service. MGBX always operates with compliance as a prerequisite and user needs as the core, continuously introducing cutting-edge industry security technologies to safeguard your digital asset transactions.
MGBX Team
February 27, 2026
Comments
0 comments
Article is closed for comments.