Security keys have obvious benefits: Even if a hacker steals your password and login, unless he or she also stole the physical key, your account would still be safe. Also, if you were typing in your credentials on a phishing website, the security key would detect it and warn you about the fraudulent page.
When Google first announced Android phones as security keys, it noted that it was only working on Chrome browsers and Google accounts, but it expected to expand availability. It already works over MacOS by using the Chrome browser, but for iOS devices, Google will require people to use the Smart Lock app instead.
The expansion for Android phones as security keys adds another layer of security for iOS devices, as Apple also announced privacy protections with logins at WWDC. Sign-In with Apple allows people to log onto other services without providing their email addresses and passwords, and works with biometrics like Face ID and Touch ID instead.
Like security keys, biometrics offer an extra level of protection, as it's much harder for hackers to remotely steal your fingerprints or your face.
Watch this: Apple beefs up privacy controls on iOS 13