Google Develops Physical Security Key Feature for Android Phones
Google announced its latest security feature, which allows its Android phones to be used as a physical security key. Its two-factor authentication (2FA) method offers a more secure login than any other existing 2FA methods. With this, Android phones can be used as physical security keys for login verification.
To activate this feature, users need to connect their phone to a chrome browser through Bluetooth. The authentication method is compatible with Gmail, G Suite, and Google Cloud. Google is keen on adding its other websites to the fold once it has certified the new authentication service.
Google has recommended this security feature to prevent unauthorized logins using stolen passwords, thus defending user accounts from phishing attacks. It is mainly designed for shielding online profiles of well-known personalities, business leaders, politicians, and those who are most prone to targeted online attacks.
Google has offered many two-factor authentication methods over the years, some less secure than others, ranging from SMS verification codes to Google prompt. The previous feature enabled android phones and the Google application on computers to sync over the internet. Even though the new security feature is very similar to Google prompt, it requires the Android phone to be physically close to a computer on which the Google account is to be authenticated. According to Google, it is designed to thwart hackers trying to get into private accounts from halfway around the world. It uses security specifications such as fast ID online (FIDO) and web authentication (WebAuthn) to activate the user login.
The setup takes no more than two steps. To be activated as a security key, the phone needs to be running on Android 7 or higher. Also, the Chrome browser should be running on a Mac OS or Windows 10 device. The user needs to sign into the Google account on their Android phone and turn on their Bluetooth, before opening the Google security account website in Chrome browser on the second device. After clicking on “twostep verification,” the option to add a security key appears. The Android phone is selected from the list of devices displayed on the browser window. Once it is activated, the Android phone can be used as a physical security key to log into the user account.
By Tom Farrah, CIO & SVP, Dr Pepper Snapple Group
By George Evans, CIO, Singing River Health System
By John Kamin, EVP and CIO, Old National Bancorp
By Phil Jordan, CIO, Telefonica
By Elliot Garbus, VP-IoT Solutions Group & GM-Automotive...
By Dennis Hodges, CIO, Inteva Products
By Bill Krivoshik, SVP & CIO, Time Warner Inc.
By Gregory Morrison, SVP & CIO, Cox Enterprises
By Alberto Ruocco, CIO, American Electric Power
By Sam Lamonica, CIO & VP Information Systems, Rosendin...
By Sven Gerjets, SVP-IT, DIRECTV
By Marie Blake, EVP & CCO, BankUnited
By Lowell Gilvin, Chief Process Officer, Jabil
By Walter Carvalho, VP & Corporate CIO, Carnival Corporation
By Mary Alice Annecharico, SVP & CIO, Henry Ford Health System
By Bernd Schlotter, President of Services, Unify
By Bob Fecteau, CIO, SAIC
By Jason Alan Snyder, CTO, Momentum Worldwide
By Jim Whitehurst, CEO, Red Hat
By Marc Jones, Distinguished Engineer, IBM Cloud Infrastructure