Seems like they will leave up security to the OS vendors? From the white paper:
We expect that FIDO authenticator vendors (in particular those of authenticators built into OS platforms) will adapt their authenticator implementations such that a FIDO credential can survive device loss. [...]
Just like password managers do with passwords, the underlying OS platform will “sync” the cryptographic keys that belong to a FIDO credential from device to device. This means that the security and availability of a user’s synced credential depends on the security of the underlying OS platform’s (Google’s, Apple’s, Microsoft’s, etc.) authentication mechanism for their online accounts, and on the security method for reinstating access when all (old) devices were lost.
We expect that FIDO authenticator vendors (in particular those of authenticators built into OS platforms) will adapt their authenticator implementations such that a FIDO credential can survive device loss. [...]
Just like password managers do with passwords, the underlying OS platform will “sync” the cryptographic keys that belong to a FIDO credential from device to device. This means that the security and availability of a user’s synced credential depends on the security of the underlying OS platform’s (Google’s, Apple’s, Microsoft’s, etc.) authentication mechanism for their online accounts, and on the security method for reinstating access when all (old) devices were lost.
https://media.fidoalliance.org/wp-content/uploads/2022/03/Ho...