Google's Project Abacus to Kill off traditional Android Password Logins
Google is set to try an alternative to password requirements for Android apps next month. According to reports, Google’s Project Abacus is in its final trial stage and is working on a secure authentication system called Trust Score. The system essentially replaces the use of passwords or PINs to login and will use biometric data and other information instead.
At a recent Google I/O developer conference, Daniel Kaufman, Google’s head of Advanced Technology and Projects group says “We have a phone, and these phones have all these sensors in them. Why couldn’t it just know who I was, so I don’t need a password? I should just be able to work”. He added that Abacus aims to kill passwords not via a one-off replacement but by combining multiple weaker indicators into a veritable authentication that will confirm the user’s identity. Google says that the test has already been running at 33 universities across 28 states.
[READ: Google Android Security Report]
The new API will be tested with some “very large financial institutions” based on a cumulative Trust Score in June and will derive from the user’s typing speed and style, vocal patterns, location, facial recognition, and proximity to familiar Bluetooth devices, as well as WiFi hotspots. Generally, low-risk apps and basic tools would not need to run a very high trust score, but sensitive apps such as banking and webmail that would require a higher trust score to be met for the user to log in. The Trust API would always run in the background of the user’s phone to measure unique user habits. “What we’re going to do with this is be able to get rid of the awkwardness of second-factor authentication,” Kaufman said, pertaining to the tedium of having to enter passwords and PINs when trying to access apps.
[READ: Android's security features through the years]
When Google unveiled Android Lollipop in 2014, they implemented a similar technology called Smart Lock on Android 5.0 and higher versions, allowing users to automatically unlock their devices as long as the user’s smartphone is within range of the paired device. If it loses connection, it locks up again. Project Abacus, however, runs in the background to continually collect data about the user to form its Trust Score.
Like it? Add this infographic to your site:
1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.
- Ransomware Spotlight: TargetCompany
- Email Threat Landscape Report: Cybercriminal Tactics, Techniques That Organizations Need to Know
- Preventing an Imminent Ransomware Attack With Early Detection and Investigation
- Inside the Halls of a Cybercrime Business
- Securing Cloud-Native Environments with Zero Trust: Real-World Attack Cases