Google Next 2019: Android Smartphones Can Be Used As Security Key
At its annual cloud computing event, Google Cloud Next 2019, the Mountain View giant announced that Android smartphones could be used as a security key to prevent phishing – a virtual threat that prompts users to share their credentials online. The feature is now valid as a beta, as long as the smartphone runs Android version 7 or higher.
It is worth mentioning that Google automatically blocks the majority of login attempts on accounts by malicious people, even if that person has a login and password, but the company understood that it was necessary to increase the security level with 2-step verification.
This is because phishing is one of the most common attack vectors on the web and one of the key factors that drive business data exposure. In addition to the corporate environment, the feature also makes activists and journalists less vulnerable to attack.
A security key has an encrypted secret used to prove that it is the key when the device is used to verify the website address that the user is accessing, which makes it highly resistant against phishing attacks. When a person uses it, the browser communicates with the security key through the USB or NFC or Bluetooth connection to verify their identity.
For Android, the FIDO standard was used to establish communication between the security chave and the browser. The system requires that the user unlocks their smartphone during suspicious or unrecognized login attempts.
Google recommends registering at least two security keys for the account, so you can still log in if one of them is lost or if the computer you are using does not offer a Bluetooth connection. You can still use your Android smartphone as the primary security key and get a second FIDO security key from multiple vendors, including the Titan security key, also offered by Google
How To Activate It?
Google has shown the steps required to use your smartphone as a security key. This requires a smartphone with Android 7 or higher and a computer with Chrome OS, macOS X or Windows 10 enabled for Bluetooth and with Chrome browser installed. Check out:
- Sign in to your Google account on your Android smartphone and turn on Bluetooth;
- On your computer, visit myaccount.google.com/security;
- Select 2-step verification;
- Click “Add a security key“;
- Choose your phone from the list of available devices.