Previously, Google’s Advanced Protection Program was only available to Android users. Google has now extended its services to the iPhone platform, and made an easier sign-in process for the Android client base.
What is Advanced Protection Program?
This multifactor authentication process is designed to use security keys that add an additional level of protection when users sign into their Google accounts. The keys can’t be deciphered by phishers, and can be either a physical security key, or a smartphone’s built-in security key. For iPhone users, they must be running iOS 10.0+, and have the Google Smart Lock app installed.
Two-Factor vs. FIDO
You might have heard of two-factor authentication, where a login screen will prompt for a second verification, such as entering a text code in addition to a username and password, before allowing a user to access their account. So what makes Google’s APP different than the regular two-factor authentication?
“Unlike other two-factor authentication methods that try to verify your sign-in, security keys are built with FIDO standards,” said Christiaan Brand, product manager at Google Cloud.
FIDO is a framework which requires that the device must be in physical possession of a user. Before they can access a private key to finish logging in, the user must first provide a local unlock by swiping a finger, entering a PIN, speaking into the phone’s microphone, or pressing a button.
Google implements FIDO by using Bluetooth to verify a sign-in. After trying to sign-in, a notification is sent to the user’s phone via Bluetooth, which checks that the phone is in physical proximity to the user. The user simply needs to verify the notification by clicking on it in order to unlock their account.
The Importance of Protecting Data
You might be wondering how relevant this service is, and how often attempts at account takeovers actually happen. According to Shuvo Chatterjee, product manager at Google’s Advanced Protection Program, more than 12,000 warnings were sent to account users around the world about inauthentic login attempts during the span of July to September 2019. “Everything becomes much simpler when the things we’re already carrying around—our smartphones—have a built-in security key,” Chatterjee added. With our phones almost always near us, it makes sense that technology is working to create better, and easier, security measures.
While Google has just now extended its service to iPhone users, Apple has been a long-time advocate for personal data protection, praising the EU’s implementation of GDPR, and encouraging the US to adopt similar policies. Along with Google, companies like ADT have stepped up to the plate, announcing a privacy initiative to prevent its consumer data from being stolen.
Whether you choose to enroll in Google’s APP or not, it’s important to establish strong security efforts to prevent data breaches from happening to you. Things as simple as creating a stronger password, and not reusing the same ones, can help make a difference. Set up multiple authentication factors when offered, and create password recovery options as well. Protecting your data should be a high priority, and going the extra mile to defend it can save you in the long run.
/google-advanced-protection-iphone-banner.jpg)
