Google lets Android users use their phones as a security key

Android phone users can now use their phone as a security key. This form of two-step verification requires a Bluetooth connection between phone and computer. Google says that this two-step form of security is more secure than, say, text messages.

With the security key, users can log in to their Google Accounts, for example. Now users can already use two-step verification there, for example through the use of text messages and notifications. However, according to Google, these can be hijacked by, for example, using fake login pages. Security key authentication is more secure, according to the company. Users have to press a button on the phone to confirm their identity. Google gives the example of the volume button that has to be pressed for a few seconds.

The security key works on the basis of the FIDO standard for the connection between computer and telephone. You need a device that runs at least Android 7.0 for use. The computer must be able to support bluetooth and have Chrome browser installed. In order to use the key, according to Google, the user must set up his or her account accordingly. The phone is connected to the computer via bluetooth. As a result, the phone must be relatively close to the computer in order to log in this way.

Google does recommend that users purchase an additional security key as a backup. This way people can still access their Google Account if they lose their phone. Google has used open standards to develop the security key, VentureBeat reports. In addition to FIDO, these are WebAuthn for the authentication between computer and website and a cable technique developed by Google to connect the phone to the computer. As a result, the company hopes that other browsers and iPhones will also support it in the future. It is also intended that in the future users will be able to use the key to log in to sites other than Google’s.