google smart lock app iconA new update to Google's Smart Lock iOS app lets users set up their iPhone or iPad as a security key for two-factor authentication when signing into native Google services via Chrome browser.

Once the feature is set up in the app, attempting to log in to a Google service via Chrome on another device such as a laptop results in a push notification being sent to their iOS device.

The user then has to unlock their ‌iPhone‌ or ‌iPad‌ using Face ID or Touch ID and confirm the log-in attempt via the Smart Lock app before it can complete on the other device.

After installing the update, users are asked to select a Google account to set up their phone's built-in security key. According to a Google cryptographer, the feature makes use of Apple's Secure Enclave hardware, which securely stores ‌Touch ID‌, Face ID, and other cryptographic data on iOS devices.

The Smart Lock app requires that Bluetooth is enabled on both the ‌iPhone‌/‌iPad‌ and the other device for two-factor authentication to work, so they have to be in close proximity, but the advantage of the system is that it ensures the process is localized and can't be leaked onto the internet.

The Google Smart Lock app is a free download for ‌iPhone‌ and ‌iPad‌ on the App Store. [Direct Link]

(Via 9to5Google.com)

Tags: Google, security

Top Rated Comments

TriBruin Avatar
TriBruin
26 months ago

Can someone explain the functional difference between the 'Google'-app I have on my iPhone, which prompts me to verify it's me whenever I login to any Google-services?
The way I am reading this, is that it eliminates the push from Google and handles everything locally. When you attempt to sign-in, Chrome will check for the presence of your trusted device (iPhone) via local Bluetooth and prompt you directly. This, in theory, eliminates any chance for a bad actor intercepting the internet based push notification.
Score: 3 Votes (Like | Disagree)
Westside guy Avatar
Westside guy
26 months ago
There are also standard ways to do two-factor auth, one of which is even implemented by Google through their Google Authenticator app (RFC 6238 time-based one-time passwords - I prefer the OTP Auth app for it) and can be implemented by any app developer for increased security without having to be beholden to Google or any other single entity. I realize some people will complain about having to copy 6 digits (oh the horror), but I prefer standard solutions like that to tying my security to Google - or, for that matter, to having all these vendor-specific two-factor approaches (Apple does it one way, Google does it another, etc.).
Score: 2 Votes (Like | Disagree)
1144557 Avatar
1144557
26 months ago

The way I am reading this, is that it eliminates the push from Google and handles everything locally. When you attempt to sign-in, Chrome will check for the presence of your trusted device (iPhone) via local Bluetooth and prompt you directly. This, in theory, eliminates any chance for a bad actor intercepting the internet based push notification.
You would think that is incredibly hard already to crack/spoof an Apple push notification from the Google app itself; far more than SMS. I dont know that this new way offers much more to the average person. In a very high security environment using Goole Apps (not sure why you would do that to begin with then, but ok) I guess.

Its also unclear how not needing an internet connection would help if you are logging into Google which requires internet. That argument doesnt make a ton of sense obviously.

Not knocking more options, its just a bit unclear the differences between this and using the Google app to authenticate 2FA.
Score: 1 Votes (Like | Disagree)
Vincent Verbist Avatar
Vincent Verbist
26 months ago

The way I am reading this, is that it eliminates the push from Google and handles everything locally. When you attempt to sign-in, Chrome will check for the presence of your trusted device (iPhone) via local Bluetooth and prompt you directly. This, in theory, eliminates any chance for a bad actor intercepting the internet based push notification.
Okay, that's something I can understand, but still strange that there is not a single reference to the current solution through the Google app...
Score: 1 Votes (Like | Disagree)
Vincent Verbist Avatar
Vincent Verbist
26 months ago
Can someone explain the functional difference between the 'Google'-app I have on my iPhone, which prompts me to verify it's me whenever I login to any Google-services?
Score: 1 Votes (Like | Disagree)
Read All Comments

Popular Stories

iPhone 14 Mock pill and hole thumb

ProMotion Now Expected to Remain Exclusive to iPhone 14 Pro Models, Not Expand to Entire Lineup

Sunday January 16, 2022 8:56 am PST by
Continuing the tradition set with the iPhone 13 Pro, only the highest-end iPhone 14 models will feature Apple's ProMotion display technology, according to a respected display analyst. Ross Young, who on multiple occasions has detailed accurate information about Apple's future products, said in a tweet that ProMotion will not be expanded to the entire iPhone 14 lineup and will remain...
Read Full Article91 comments
safari icon blue banner

Safari Bug Allows Websites to Track Your Recent Browsing Activity in Real Time [Updated]

Sunday January 16, 2022 3:37 pm PST by
A bug in WebKit's implementation of a JavaScript API called IndexedDB can reveal your recent browsing history and even your identity, according to a blog post shared on Friday by browser fingerprinting service FingerprintJS. In a nutshell, the bug allows any website that uses IndexedDB to access the names of IndexedDB databases generated by other websites during a user's browsing session....
Read Full Article234 comments
ipad air 4 video

New iPad Air Rumored to Launch This Spring With A15 Chip, 5G, Center Stage Camera, and More

Saturday January 15, 2022 8:05 pm PST by
Apple is planning to release a fifth-generation iPad Air with similar features as the sixth-generation iPad mini, including an A15 Bionic chip, 12-megapixel Ultra Wide front camera with Center Stage support, 5G for cellular models, and Quad-LED True Tone flash, according to Japanese blog Mac Otakara. Citing reliables sources in China, the report claims that the new iPad Air could be...
Read Full Article158 comments
Unlikely Products 2022 Feature

Six Rumored Apple Products You're Unlikely to See This Year

Saturday January 15, 2022 2:06 pm PST by
Much has been said about what consumers could see from Apple in 2022, but the company is also working on a handful of rumored products that aren't expected to be unveiled for at least another 12 months, and in some cases a lot longer. Of course, that's assuming they get released at all. Apple works on many potential products some of which ultimately never see the light of day. With that in...
Read Full Article67 comments
AirPods Pro Gen 3 Mock Feature Red

AirPods Pro 2 Could Start a New Accessory Ecosystem

Friday January 14, 2022 2:34 am PST by
Apple's second-generation AirPods Pro could arrive alongside a new series of accessories, recent leaked images suggest. Alleged leaked photos of the next-generation AirPods Pro obtained by MacRumors showed a charging case with a metal loop on the side for attaching a strap. Apple has not used this design for any of its other AirPod models and it is unclear why it would be added in this...
Read Full Article
netflix2

Netflix Again Raises Prices for All Plans, 4K Streaming Now $20 Per Month

Friday January 14, 2022 12:46 pm PST by
Netflix today updated the prices for its streaming plans, and all of its offerings are now more expensive. The Basic plan is now priced at $9.99 per month, the Standard plan is priced at $15.49 per month, and the Premium plan is priced at $19.99 per month. The Basic plan is $1 more expensive, up from $8.99 per month. This plan allows users to watch on just one screen at a time, and it limits ...
Read Full Article433 comments
tesla carplay solution

Developer Showcases Apple CarPlay Workaround for Teslas

Monday January 17, 2022 7:24 am PST by
A Tesla Model 3 owner has resorted to a workaround to implement Apple CarPlay in his vehicle, amid no sign of official support from Tesla (via Tesla North). Apple CarPlay and Apple Music support are among the most-requested Tesla features, but with no indication that Tesla is willing to implement Apple CarPlay in its vehicles, Polish developer Michał Gapiński took matters into his own...
Read Full Article232 comments
top stories 20220115

Top Stories: iPhone 14 Pro Rumors, iCloud Private Relay Controversy, iOS 15.2.1 Released, and More

Saturday January 15, 2022 6:00 am PST by
Hole-punch? Pill? Hole-punch and pill? Rumors about what the front camera system on the iPhone 14 Pro will look like are evolving rapidly, and it now appears we might be getting a novel but potentially controversial design later this year. Other major stories this week included some confusion and controversy about iCloud Private Relay being disabled for some T-Mobile customers, increasing...
Read Full Article10 comments