Google Uses iPhone as a Physical Security Key

The latest update from Google’s smart lock app on the iOS allows users to make their iPhone a physical security key while logging on to Chrome services

 

Two-factor authentication could well be the in-thing as login security enters a new phase in the new decade. Though it may not result in total protection, the fact remains that having codes sent a smartphone via text message is indeed better than having nothing at all. And Google Smart Lock just accepted this fact while releasing its latest update.

 

The new update allows Google to treat iPhones into a physical security key while logging into Chrome and its associated first-party apps. Already available on Android, this update allows iPhone users to ensure that it is indeed the right person logging in, besides getting the phone user to enrol into Google’s Advanced Protection Program.

According to a report published in 9To5Google.com, Google is leveraging the Secure Enclave found on Apple’s A-series chips. Storing Touch ID, Face ID and other cryptographic data, it was first introduced on the iPhone 5s though that particular device no longer supports the iOS13, which is the latest available operating system.

The new system ensures that anytime users enter a Google account username or password, they get prompted open Smart Lock on the iPhone to confirm a sign-in with the added option of cancelling it with the “No, it’s not me” message. However, this would work only while signing in to Google with Chrome when Bluetooth is on at both the PC and the phone.

To get started, one needs to install the latest update that would then prompt users to select an account to “Set up your phone’s built-in security key.” The smart lock was only used earlier to allow Bluetooth security keys and generating one-time security codes. With this update, it can effectively use the iPhone as a physical security authenticator.

If you're logging in through a different browser or app you'll still need to confirm your attempt through a different method such as a text message or Google Authenticator pin code or by tapping "yes" in the official Gmail app on your phone. Google also recommends having a "backup security key to your account and keeping it in a safe place," just in case you lose your phone, says a report published on CNet.com.

Experts argue that while two-factor authentication remains amongst the critical steps users can take to secure online accounts, the fact remains that these too aren’t completely fool-proof given that users could still fall prey to SIM swap attacks where a person with dubious intent could trick the carrier into giving away the SIM card and the user’s number.

 

 


TAGS: Google, Chrome, Google Chrome, iPhone, Apple iPhone, Google Smart Lock, Smart Lock, Software Updates, Updates, Dual Authentication