google smart lock app iconA new update to Google's Smart Lock iOS app lets users set up their iPhone or iPad as a security key for two-factor authentication when signing into native Google services via Chrome browser.

Once the feature is set up in the app, attempting to log in to a Google service via Chrome on another device such as a laptop results in a push notification being sent to their iOS device.

The user then has to unlock their ‌iPhone‌ or ‌iPad‌ using Face ID or Touch ID and confirm the log-in attempt via the Smart Lock app before it can complete on the other device.

After installing the update, users are asked to select a Google account to set up their phone's built-in security key. According to a Google cryptographer, the feature makes use of Apple's Secure Enclave hardware, which securely stores ‌Touch ID‌, ‌Face ID‌, and other cryptographic data on iOS devices.

The Smart Lock app requires that Bluetooth is enabled on both the ‌iPhone‌/‌iPad‌ and the other device for two-factor authentication to work, so they have to be in close proximity, but the advantage of the system is that it ensures the process is localized and can't be leaked onto the internet.

The Google Smart Lock app is a free download for ‌iPhone‌ and ‌iPad‌ on the App Store. [Direct Link]

(Via 9to5Google.com)

Top Rated Comments

TriBruin Avatar
57 months ago

Can someone explain the functional difference between the 'Google'-app I have on my iPhone, which prompts me to verify it's me whenever I login to any Google-services?
The way I am reading this, is that it eliminates the push from Google and handles everything locally. When you attempt to sign-in, Chrome will check for the presence of your trusted device (iPhone) via local Bluetooth and prompt you directly. This, in theory, eliminates any chance for a bad actor intercepting the internet based push notification.
Score: 3 Votes (Like | Disagree)
Westside guy Avatar
57 months ago
There are also standard ways to do two-factor auth, one of which is even implemented by Google through their Google Authenticator app (RFC 6238 time-based one-time passwords - I prefer the OTP Auth app for it) and can be implemented by any app developer for increased security without having to be beholden to Google or any other single entity. I realize some people will complain about having to copy 6 digits (oh the horror), but I prefer standard solutions like that to tying my security to Google - or, for that matter, to having all these vendor-specific two-factor approaches (Apple does it one way, Google does it another, etc.).
Score: 2 Votes (Like | Disagree)
1144557 Avatar
57 months ago

The way I am reading this, is that it eliminates the push from Google and handles everything locally. When you attempt to sign-in, Chrome will check for the presence of your trusted device (iPhone) via local Bluetooth and prompt you directly. This, in theory, eliminates any chance for a bad actor intercepting the internet based push notification.
You would think that is incredibly hard already to crack/spoof an Apple push notification from the Google app itself; far more than SMS. I dont know that this new way offers much more to the average person. In a very high security environment using Goole Apps (not sure why you would do that to begin with then, but ok) I guess.

Its also unclear how not needing an internet connection would help if you are logging into Google which requires internet. That argument doesnt make a ton of sense obviously.

Not knocking more options, its just a bit unclear the differences between this and using the Google app to authenticate 2FA.
Score: 1 Votes (Like | Disagree)
Vincent Verbist Avatar
57 months ago

The way I am reading this, is that it eliminates the push from Google and handles everything locally. When you attempt to sign-in, Chrome will check for the presence of your trusted device (iPhone) via local Bluetooth and prompt you directly. This, in theory, eliminates any chance for a bad actor intercepting the internet based push notification.
Okay, that's something I can understand, but still strange that there is not a single reference to the current solution through the Google app...
Score: 1 Votes (Like | Disagree)
Vincent Verbist Avatar
57 months ago
Can someone explain the functional difference between the 'Google'-app I have on my iPhone, which prompts me to verify it's me whenever I login to any Google-services?
Score: 1 Votes (Like | Disagree)

Popular Stories

new best buy blue

Best Buy's Memorial Day Sale Has Record Low Prices on iPads, MacBooks, and Much More

Friday May 24, 2024 7:12 am PDT by
Best Buy today kicked off its Memorial Day weekend sale, and it has some of the best prices we've tracked in weeks on iPads and MacBooks. Specifically, you'll find record low prices on the 5th generation iPad Air, iPad mini 6, M2 MacBook Air, and M3 MacBook Pro. Note: MacRumors is an affiliate partner with Best Buy. When you click a link and make a purchase, we may receive a small payment,...
macOS 15 Feature

macOS 15 System Settings to Get Design Overhaul

Thursday May 23, 2024 12:51 pm PDT by
With the macOS 15 update that is set to debut at WWDC in June, Apple plans to rearrange "menus and app UIs," according to a report from AppleInsider. The System Settings app, which was last updated with macOS Ventura, will get one of the biggest updates. With macOS Ventura, Apple renamed the System Preferences app to System Settings, introducing a design similar to the Settings app on the...
6chatgpt mac app

5 Reasons to Use OpenAI's ChatGPT App for Mac

Thursday May 23, 2024 6:07 am PDT by
On May 13, OpenAI during its Spring Update announced that it would be releasing a desktop ChatGPT app for the Mac in the "coming weeks," and said that ahead of a wider launch it had started rolling out the app to some ChatGPT Plus subscribers. Subscribe to the MacRumors YouTube channel for more videos. After testing the app for a few days, we thought it was worth sharing some reasons why...
iOS 17

Apple Sheds More Light on iOS 17.5 Bug That Resurfaced Deleted Photos

Friday May 24, 2024 2:36 am PDT by
Last week, some iPhone users reported that Apple's iOS 17.5 update had introduced a bug that caused old photos that were deleted to reappear in the Photos app. Apple quickly released an iOS 17.5.1 update to fix the issue, but for many users, its explanation of "database corruption" in the release notes was all too brief, and did little to allay concerns about the privacy of their data. Apple ...