14 June 19, 12:36
Quote:Starting this week, Android phones can be used to verify sign-ins on Apple iPads and iPhones, Google announced.
The capability is enabled by the recently introduced 2-Step Verification (2SV) method that allows users to protect accounts with a security key built into their Android phones.
Previously, the technology could be used to verify sign-ins to Google and Google Cloud services on Bluetooth-enabled devices running Chrome OS, macOS, and Windows 10, and can now be used to verify sign-ins on Apple iPads and iPhones as well.
Google’s solution relies on FIDO security keys, which provide strong protection against automated bots, bulk phishing, and targeted attacks. The technology relies on public key cryptography to verify the user’s identity and URL of the login page, meaning that the attackers are denied access to the account even if they have the username and password at hand.
While leveraging the Chrome browser on Chrome OS, macOS, and Windows 10 devices to communicate with Android phone’s built-in security key over Bluetooth using FIDO’s CTAP2 protocol, Google’s solution relies on the Smart Lock app for that on iOS devices.
“Until now, there were limited options for using FIDO2 security keys on iOS devices. Now, you can get the strongest 2SV method with the convenience of an Android phone that’s always in your pocket at no additional cost,” the Internet search giant notes.
SOURCE: https://www.securityweek.com/android%E2%...os-devices