Biometric data is only stored on your device. Logging into an app or website with a passkey just uses bog standard asymmetric crypto (public/private keypair). Also a lot of thought was put into the WebAuthn standard (an open standard) to make sure it can't be used as a tracking vector.
Biometric data is only stored on your device. Logging into an app or website with a passkey just uses bog standard asymmetric crypto (public/private keypair). Also a lot of thought was put into the WebAuthn standard (an open standard) to make sure it can't be used as a tracking vector.