
That's not what passkeys are though. The server isn't validating if you have a matching face. The server is only checking if you have the private key that corresponds to a public key registered to your account. The private key lives on your device, and may be encrypted under a PIN, password, or biometric. In all those cases, the decryption operation is strictly local.

Let's say some crook makes a convincing copy of your face. With passkeys, that's still not enough to log in. They have to have your private key too.
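The check described in the comment above, as an added example that is not part of the original comment: a simplified challenge-response in Node.js, not the real WebAuthn message format. The `Authenticator` and `Server` classes, the `demo` function, and the PIN standing in for the local PIN/biometric unlock are all assumptions made for illustration.

```javascript
// Simplified passkey-style login: the server verifies a signature, never a face or PIN.
const nodeCrypto = require("node:crypto");

// Authenticator (the user's device): the private key never leaves this object.
class Authenticator {
  constructor(localPin) {
    const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync("ed25519");
    this.publicKey = publicKey;    // sent to the server once, at registration
    this._privateKey = privateKey; // stays on the device
    this._localPin = localPin;     // hypothetical stand-in for PIN/biometric unlock
  }
  // The unlock check runs locally; only the signature is ever returned.
  sign(challenge, unlockAttempt) {
    if (unlockAttempt !== this._localPin) return null;
    return nodeCrypto.sign(null, challenge, this._privateKey);
  }
}

// Relying party (the server): stores public keys and outstanding challenges only.
class Server {
  constructor() { this.keys = new Map(); this.pending = new Map(); }
  register(user, publicKey) { this.keys.set(user, publicKey); }
  newChallenge(user) {
    const c = nodeCrypto.randomBytes(32);
    this.pending.set(user, c);
    return c;
  }
  verify(user, signature) {
    const challenge = this.pending.get(user);
    const publicKey = this.keys.get(user);
    this.pending.delete(user); // single use: an old signature is useless later
    if (!challenge || !publicKey || !signature) return false;
    return nodeCrypto.verify(null, challenge, publicKey, signature);
  }
}

function demo() {
  const server = new Server();
  const alice = new Authenticator("constructed-pin");
  server.register("alice", alice.publicKey);
  const ok = server.verify("alice", alice.sign(server.newChallenge("alice"), "constructed-pin"));
  // A different device passes its own local unlock but holds a different private key.
  const other = new Authenticator("constructed-pin");
  const wrongKey = server.verify("alice", other.sign(server.newChallenge("alice"), "constructed-pin"));
  // Alice's device with a failed local unlock produces no signature at all.
  const locked = server.verify("alice", alice.sign(server.newChallenge("alice"), "wrong"));
  return { ok, wrongKey, locked };
}
```

`demo()` returns `{ ok: true, wrongKey: false, locked: false }`: passing a local unlock on a device that lacks the registered private key gets nothing past the server.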


