From now on, all of the Android smartphones running on Android 7.0 version can be used as the physical security key for the Two-step verification. The company today announced that the eligible smartphones could be used to unlock the devices or log in to the services with the physical security key. The users can exercise the feature of logging in through the Bluetooth enabled devices to their Google services quicker than other measures of Two-step verifications like Email Code and OTP. Any device with an active Bluetooth feature and Android 7.0 version is eligible to use as the physical security key.
To use the smartphone as a physical security key, the user will have to connect the device with Google Chrome Browser using Bluetooth, and then the device can be used to automatically login to all of the Google services. The only catch here is the device should be in the range of Bluetooth signal; otherwise, it won’t work at all. The service used the FIDO authentication standard to automatically login to the services like Gmail, G Suite, Google Cloud, and any other Google account service. As of now, only Google services are accessible with the Android Smartphone Physical key. But, Google might add other websites and services soon with Physical Authentication Feature.
Google is using multiple two-factor authentication methods like SMS Codes, Rotating Codes, and App Prompt. All of them have some sort of weakness due to external vulnerabilities. But with Android smartphone as the authentication factor, it won’t be more comfortable for hackers to get access to the accounts even if they have the password. To enable this feature, the users will have to choose the “Two-Factor Authentication” option from Account Settings and then start using the same. As of now, only the Chrome browser is supporting this feature, and no other Chromium-based browser is not capable of handling this two-factor authentication method.