Google says iPhone and iPad users can now verify sign-ins with their Android security key, according to a report by TechCrunch.
“Compromised credentials are one of the most common causes of security breaches. While Google automatically blocks the majority of unauthorized sign-in attempts, adding 2-Step Verification (2SV) considerably improves account security. At Cloud Next ‘19, we introduced a new 2SV method, enabling more than a billion users worldwide to better protect their accounts with a security key built into their Android phones,” Google said in a blog post. “This technology can be used to verify your sign-in to Google and Google Cloud services on Bluetooth-enabled Chrome OS, macOS, and Windows 10 devices. Starting today (June 12), you can use your Android phone to verify your sign-in on Apple iPads and iPhones as well.”
Since the introduction of 2SV, Google said, 100,00 users are using their Android devices as a security key.
“FIDO security keys provide the strongest protection against automated bots, bulk phishing, and targeted attacks by leveraging public key cryptography to verify your identity and URL of the login page, so that an attacker can’t access your account even if you are tricked into providing your username and password,” Google said.
The technology is FIDO2 compliant, which means that it’s a secure and accommodating standard that lets different devices using different operating systems talk to each other for authentication.
“On Chrome OS, macOS, and Windows 10 devices, we leverage the Chrome browser to communicate with your Android phone’s built-in security key over Bluetooth using FIDO’s CTAP2 protocol. On iOS devices, Google’s Smart Lock app is leveraged in place of the browser,” Google said. “Until now, there were limited options for using FIDO2 security keys on iOS devices. Now, you can get the strongest 2SV method with the convenience of an Android phone that’s always in your pocket at no additional cost.”