Google Aims to Kill Passwords with Project Abacus | Threatpost | The first stop for security news

Google Updates Safe Browsing Alerts for Network Admins

April 8, 2016 , 12:56 pm

According to Daniel Kaufman, head of Google’s Advanced Technology and Projects, the way Project Abacus works is it monitors how individuals use their phone from keystroke speed, pattern of speech, location, rhythm of your walk, facial features, the way you swipe open your phone and anything else your phone can sense that can be used to create what’s called a Trust Score to prove your identity.

If a stranger steals your phone, the idea is, the phone’s sensors would identify unusual user behavior. Next, the dynamic Trust Score for phone would suddenly plunge and the phone would log out of any open accounts on the phone or just remained locked.

“We have these phones and these phones have all these sensors in them. Why couldn’t it just know who I was, so I don’t need a password?” Kaufman said at last week’s 2016 Google I/O conference. He said that over the past year Google has created a Trust API that will be rolled out in June to beta customers and if all goes well will be rolled out for all Android users before 2017.

Of course the quid quo pro is that Google gets to snarf-up even more data about you. But Google has said the sensor data used to generate the Trust Score would be locally processed and not sent to the Google cloud to be added to your digital dossier it has of you.

The project was originally introduced at last year’s Google I/O conference. At that time Regina Dugan, a Google senior executive, said the Trust API would be used for locking and unlocking your phone as well as opening apps. She claimed the system is tenfold more secure then fingerprint sensors and 100x safer than 4 digit PIN codes.

The idea is not novel. Apple has its own password-killing tech with its TouchID and Microsoft has its Windows Hello biometric system introduced with the Windows 10 operating system. This is also not Google’s first time at the password rodeo either.

Google officially launched Smart Lock at last year’s Google I/O conference. Smart Lock is a password manager for Android and Chrome users that saves credentials on one devices for later use on all other supported devices and services.

According to Google, 70 percent of users forget their passwords once a month. Add that to another Google stat that estimates that on average it takes 2.4 attempts to guess a correct a password before we get it right.

https://threatpost.com/google-aims-to-kill-passwords-with-project-abacus/118288/