Your Android is now a security key
Thursday, April 11, 2019
Comment
that any Android phone that uses version 7.0 (or higher) of its operating system can be used as a key for two-step authentication
As of today any Android phone with a version of the operating system higher than 7.0 (Android Nougat, launched in 2016) can become a key to use in what is known as double factor authentication , an additional layer of protection for network services or access to the operating system that requires the user not only to enter his password correctly, but to validate the entry (that is, to confirm that it is) from another independent device.
Double factor authentication can be implemented in many ways. A fairly common is the sending of an SMS message with an additional numeric code that must be entered to access a service or validate a financial transaction.
This system, however, is not entirely safe because it is not difficult to obtain a duplicate of a SIM card that allows an attacker to receive the code, for example, as part of a sophisticated phishing attack.
Many companies have therefore gone through a different solution, often with a small device that looks like a keychain or a flash drive that generates a unique code at the time of authentication.
Now, any Android device of the last two years can perform this same function. By connecting the phone via Bluetooth to the PC and using the Chrome browser, you can use the phone (previously unlocked), which will serve as an extra security measure. In the case of Pixel 3, which has an additional security chip, it will be enough to press the volume button when the on-screen service asks for it.
The feature is compatible with several security standards, such as FIDO or WebAuth, and can be used to access various Google services, such as Gmail or Google Cloud. Google, which has announced the new feature during the cloud service conference Next that takes place these days in San Francisco, ensures that other websites and browsers will be able to use this system soon.
FLOAT IN ALL THE CLOUDS
The announcement adds to the launch of Anthos, a platform that has starred in the opening conference of Google Next and that will put a single interface for different infrastructure providers in "the cloud", including its competitors Amazon AWS and Microsoft Azure.
In the war that is waged over the control of the network infrastructure, Google is still behind Amazon or Microsoft but could become the key element that allows taking advantage of all of them if Anthos works. Sundar Pichai, CEO of Google, has defined it as the foundations "of the next 20 years" for this type of services.
Today companies often use a mix of providers and services on which to build their web applications or in which to store their data. In some cases, they can be own servers managed locally, for example, in other large virtual machines in the data centers of Amazon or Microsoft or IBM. For developers who create web applications, managing these hybrid systems can be tedious, especially in the case of complex applications.
Anthos, built on the Kubernetes infrastructure (an open source project born in Google itself) will allow all resources to be managed in a similar way regardless of their origin and orchestrate security in all of them from a single service.
0 Response to "Your Android is now a security key"
Post a Comment