Security keys
Security keys are cryptographically protected credentials. AGOV only permits those with non-extractable hardware binding. They are stored either on an external device (e.g. a FIDO2 USB stick) or as so-called hardware-bound passkeys on the secure chip of the end device. Such security keys can be used via the WebAuthn standard for secure authentication in web applications.