Send Message
Home News

company news about Google updates strong authentication roadmap

China White Smart Technology certification
China White Smart Technology certification
Customer Reviews
we very appreciated for you products with good quality and service.keep touching.

—— Mr.FooCH

Having done business with this company for over 8 years,they never let me down,great service and high quality products,highly recommend!

—— Josh Michael

The price may not be the cheapest, but very reasonable comparing with orthers' products' quality and company porwer.

—— Mr.Johnson

I'm Online Chat Now
Company News
Google updates strong authentication roadmap

Five years ago, Google’s login team published a roadmap for stronger consumer authentication. It’s now released a report on that roadmap and an updated version of what’s in store for the team.

Eric Sachs, Google’s group product manager for identity, talked about the progress and challenges the team has had during this time. Google has managed to improve security through analyzing more signals at login to create risk-based login challenges. It’s added an opt-in, two-factor login verification process. It has an OpenID style login, which other web sites are starting to offer, and it’s implemented OAuth in native apps.

Unfortunately, while OpenID is a complex strong authentication tool, it’s also complicated to implement, an effort which Google plans to keep working on. Google has also discovered over the last five years that account recovery is a difficult and expensive problem, particularly as hackers and identity thieves become more sophisticated.

Sachs writes that Google’s five-year roadmap has done a good job of laying the groundwork so that the team can continue making improvements to its authentication system. Adoption of mobile phones has also helped spur this continued effort.

The team also plans to make an aggressive change to its login system. Users will either have to opt-in to Google’s two-factor login capability, or they will have to pass a two-factor challenge on most of their login attempts.

Google will help to drive the ChannelID open standard to tie down bearer tokens and cookies to the device the user signs in with, in an effort to make them less risky and susceptible to attack. While ChannelID is already available on Chrome, and Google is testing it for Google Account login tokens and cookies.

Smarter hardware is also driving some of Google’s experiments. Now that Android and iOS apps can generate OTP codes, Google wants to see if a phone app can give notifications about risky behavior on an account and demand approval before allowing that behavior to occur. To help with this, Google is working with the FIDO Alliance on Universal Second Factor (U2F), an open system of “keychain devices” that website owners can leverage.

Sachs writes that over the next five years Google also intends to explore ways to unlock a device and confirm risky action, including using biometrics to do so. It is also looking at combining authentication methods in portable tokens, that could include biometrics or NFC capability.


Pub Time : 2013-05-17 10:20:28 >> News list
Contact Details
White Smart Technology

Contact Person: Mr. Kenny Huang

Tel: +86 15914094965

Send your inquiry directly to us (0 / 3000)