Help Centre

Security

How passkeys work on Credicorp sign-in

A passkey is a secure sign-in method stored by your phone, computer, password manager or security key. Instead of typing a password, you approve the sign-in with the same method you use to unlock that device, such as a fingerprint, face check, PIN or hardware security key.

Where passkeys are used

Passkeys are part of Credicorp SSO. When passkeys are available for your account, the sign-in screen may show a Sign in with a passkey option. Customer journeys start from clients.credicorp.co.uk/login; staff journeys may start from an internal app or sso.credicorp.co.uk.

Why passkeys are safer than passwords

  • They are tied to the genuine site. A passkey created for Credicorp will not work on a fake look-alike domain.
  • There is no password to type or reuse. That removes a common route for phishing and credential stuffing.
  • Your device proves possession. The sign-in needs the device, password manager or security key that holds the passkey.
  • Credicorp does not receive your fingerprint, face data or device PIN. Those stay with your device or passkey provider.

Setting up a passkey

  1. Sign in through the normal Credicorp sign-in route. Use the customer portal or staff SSO link you normally use.
  2. Open the security or passkeys area if it is available to you. Follow the on-screen prompt to add a passkey.
  3. Approve the device prompt. Your browser, password manager or security key will ask you to confirm with your device unlock method.
  4. Name the passkey clearly if asked. Use a label that will make sense later, such as "Work laptop" or "YubiKey".
  5. Keep a recovery route. Do not remove your last usable sign-in or recovery method unless you have set up a replacement.

For a detailed walk-through including registering multiple passkeys and what to do if you lose a device, see setting up a passkey for your Credicorp account.

If your passkey is lost or not working

Use the recovery option shown on the sign-in screen. If you still have access with a password, another passkey, or a recovery route, sign in and remove the lost passkey from your security settings. If you cannot get in, customers should use the General Support Enquiry form or Contact Us; staff should use the internal support route.

Do not approve prompts you did not start

If your phone, browser or security key asks you to approve a passkey sign-in that you did not begin, reject it. Then change your password if one is still set and contact support through an official route.

For broader account security, see keeping your portal login secure and setting up two-factor authentication.

See also: Advance-fee and fake loan offer scams, Choosing a strong password for your business account, How Credicorp will — and won't — contact you.

Already a customer? Sign in to your account Sign in

Ready to apply?

Apply online in minutes. We lend to UK limited companies and LLPs — no personal guarantee required.

Apply for a Credicorp loan →
Back to Help Centre

Still need help? Our team is here. Contact us or search the help centre for more answers.