Prudence Pitch

17:00 13/06/2019 |

Total post : 1,048

Security keys on Android phones can verify sign-ins on Apple iPads and iPhones

(Tech) For the uninitiated, FIDO is a standard certified by the nonprofit FIDO Alliance that supports public key cryptography and multifactor authentication - specifically, the Universal Authentication Framework (UAF) and Universal Second Factor (U2F) protocols. When you register a FIDO device with an online service, it creates a pair of keys: (1) an on-device and offline private key and (2) an online public key. During authentication, the device “proves possession” of the private key by prompting you to enter a PIN code or password, supply a fingerprint, or speak into a microphone.



Boiled down to basics, FIDO supports two-factor authentication, which confirms identities through a mix of passwords, security keys, and biometrics. That’s as opposed to 2SV, which authenticates people using only passwords and codes sent via text message or email.

On Chrome OS, macOS, and Windows 10 devices, Google’s solution uses the FIDO protocol between a computer and phone (CTAP API) and requires the browser to indicate to the phone which website is currently onscreen.

Google further built a local proximity protocol on top of Bluetooth - cloud-assisted Bluetooth Low Energy (caBLE) - that doesn’t require pairing, installing an app, or plugging anything into a USB port. It’s been submitted to FIDO and remains under review, relegating it to strictly to Google accounts for now.

Once you’ve done all that, make sure Bluetooth is enabled on all devices and switch over to your iPhone or iPad. Sign into your Google Account with your username and password using Smart Lock, and check your Android phone for a notification before following the instructions to confirm it’s you signing in.

Google notes that within enterprise organizations, admins can require the use of security keys for users in G Suite and Google Cloud Platform, letting them choose between using a physical security key, an Android phone, or both.


Post new