There appears to be a regression or restriction in iOS 26.2 and 26.2.1 regarding the Web Authentication API in third-party browsers (browsers other than Safari).
Specifically, the method PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable() returns false when called from within non-Safari browsers (e.g., Chrome, Firefox, Edge) on iOS, even when the device supports biometrics (FaceID/TouchID) and Passkeys are enabled.
This prevents third-party browsers from correctly detecting Platform Authenticator availability, leading websites to hide Passkey login options or default to cross-device authentication flows instead of using the local device's biometric authenticator.
Environment:
- OS: iOS 26.2, iOS 26.2.1
- Device: iPhone 17
- Browsers Tested: Chrome iOS and Firefox iOS
Steps to Reproduce:
- Launch Safari on an iOS device running iOS 26.2+.
- Navigate to
https://www.passkeys-debugger.io/. - Observe that "Platform Auth" is highlighted in Green (
true), indicating the device is eligible for passkey authentication. - Launch a non-Safari browser (e.g., Chrome or Firefox) on the same device.
- Navigate to
https://www.passkeys-debugger.io/.
Expected Results:
"Platform Auth" should be Green (true), matching the behavior in Safari, as the device possesses a built-in platform authenticator.
Actual Results:
"Platform Auth" is highlighted in Red (false).
Impact: This discrepancy fragments the Passkey user experience on iOS. Users preferring third-party browsers are unable to utilize the seamless on-device biometric authentication that is available in Safari. It forces developers to implement complex fallbacks or results in users believing their device is incompatible with Passkeys.
