Security & Fraud

Google's New Replacement For The Password? A Trust Score

These days, the conventional password is not much beloved by either businesses or consumers. Consumers merely hate having to remember them. This leads them to default to easy-to-remember passwords that they repeat often — for memory's sake — which leads to why businesses hate them. They are easy to hack.

Which is why Google wants to get rid of them — in general and on devices running Android specifically. At its latest developer conference, Google announced plans to move ahead with "trust scores" that use various data points to assess if a device user is legit. The Trust API has been under development for a year and is now rolling out to "several very large" financial institutions in the coming weeks.

"Assuming it goes well, this should become available to every Android developer around the world by the end of the year," Dan Kaufman, head of the Advanced Technology and Projects group at Google, said at the conference.

The user-specific data points that go into the score include current location, facial recognition and typing patterns.

Different apps could require different scores to access them. Banking apps could call for higher scores than a mobile game, for example. The API always runs in the background of the operating system and monitors a device's use to update the trust score for the apps running.

"We have a phone, and these phones have all these sensors in them. Why couldn’t it just know who I was, so I don’t need a password? I should just be able to work," Kaufman said.

Although the API's release is contingent upon a successful trial with banks, there is at least promise in the approach.

Traditional passwords stack up terribly in most measurements, though consumers do favor the amount of privacy and control. Elements of Google's trust score — facial recognition that likely requires a phone's camera to passively activate and scan a user's face, for example — might seem a bit creepy to some.



Banks, corporates and even regulators now recognize the imperative to modernize — not just digitize —the infrastructures and workflows that move money and data between businesses domestically and cross-border.

Together with Visa, PYMNTS invites you to a month-long series of livestreamed programs on these issues as they reshape B2B payments. Masters of modernization share insights and answer questions during a mix of intimate fireside chats and vibrant virtual roundtables.

Click to comment