FB pixel

Google launches synched passkeys as tech giants move away from passwords

Google launches synched passkeys as tech giants move away from passwords
 

Digital technology giants are directing their efforts toward implementing passwordless authentication, with a particular focus on using passkeys, to avoid the vulnerabilities that come along with passwords.

Google has quietly introduced a new feature enabling the automatic synchronization of passkeys. This functionality facilitates the transfer of passkeys generated on Android devices to Windows and macOS platforms.

Furthermore, Oracle’s chief technology officer, Larry Ellison, has announced the company’s decision to transition away from traditional passwords for system access in favor of biometric security measures. Similarly, Samsung has developed Knox Vault, a hardware-backed security system to safeguard sensitive information such as PINs, passwords, and biometric data.

Google synchronizes passkeys across operating systems

Tech giant Google has recently taken steps to enhance the efficiency of passkeys for users who utilize multiple devices with different operating systems. With the new automatic synchronization feature, Google can generate passkeys on an Android device that can be used on Windows and MacOS devices without additional setup. The synchronization is made possible by using Google Password Manager in Chrome.

As a result, users are no longer required to scan QR codes or enable Bluetooth to transfer passkeys between their devices. The synchronization takes place in the background through the password manager. The company anticipates cross-OS compatibility will lead to more adoption of passkeys.

In terms of implementation, the private keys are not directly synchronized across devices. Instead, the system utilizes a key-wrapping service to secure these keys. The approach ensures that even if someone were to gain access to the data being transferred, they would not be able to recover the original passkey secrets.

Moreover, the client device must sign requests using a hardware-backed key to access the key-wrapping services. In the case of the Windows operating system, this key would be a Trusted Platform Module. These private keys are temporarily held in memory to reduce the risk of exposure to hackers.

Google’s passkey automatic synchronization operates under AMD’s Secure Encrypted Virtualization — Secure Nested Paging (SEV-SNP) to provide security for virtual machines. This feature utilizes the Oak project framework.

Google’s new passkeys feature has limitations, as it relies on Chrome and Google Password Manager. Automatic synchronization is only available for users of these platforms.

Furthermore, passkeys must be generated on an Android device as there is currently no support for generating passkeys on Windows or macOS and then synchronizing them to other systems. Passkeys generated on Android cannot be transferred to iOS devices.

A similar feature is already present in Apple’s iCloud Keychain, enabling passkeys to synchronize across iPhones, iPads, and Macs. However, it lacks support for non-Apple platforms. The new iOS 18 may expand the capability to include Windows, bridging the gap in cross-platform compatibility, Heise Online reports.

Using passwords is a ridiculous idea, says Oracle CTO Larry Ellison

During a keynote at Oracle CloudWorld 2024, Oracle CTO Larry Ellison criticized the use of passwords as a “terrible idea” and “obsolete.”

He announced that by next year, Oracle employees will no longer use passwords for system access. Instead, the company will implement biometric security measures such as facial recognition, thumbprint recognition, and voice recognition.

This shift is motivated by the perception that passwords are insecure and easily compromised. Biometric logins are seen as a more secure and efficient alternative, as they make it difficult to impersonate someone with proper biometric authentication, including liveness detection.

Samsung introduces Knox Vault to store biometric data

Samsung has enhanced user security across its devices by implementing hardware-backed security, passkeys, and a software framework for interconnected devices.

In 2021, the company developed Knox Vault, a hardware-backed security system that integrates into Samsung devices to store PINs, passwords, and biometric information, isolating it from the main operating system.

While various smart device manufacturers focus on passwordless authentication, Samsung has introduced passkeys into its ecosystem through Knox Matrix and Samsung Wallet. The system allows users to log into applications and websites on Galaxy devices using biometric authentication.

Samsung has also created Knox Matrix, a security framework designed to secure interconnected devices. The system operates on a decentralized blockchain, enabling each connected device to monitor and ensure the security of the entire ecosystem. Knox Matrix utilizes a “multi-layered” approach to detect spam, viruses, and malware.

Related Posts

Article Topics

 |   |   |   |   |   |   | 

Latest Biometrics News

 

Deepfake detection is a continuous process of keeping up with AI-driven fraud: BioID

The latest Lunch Talk from the European Association for Biometrics (EAB) focuses on the threat of deepfakes and what can…

 

Nok Nok simplifies passkey deployment; Imprivata joins FIDO Alliance

Nok Nok Labs, which invented FIDO standards and co-founded the FIDO Alliance, has announced the launch of new AI-driven offerings…

 

Voice biometrics gain momentum in India’s financial sector

India is stepping into the future with voice biometrics, an authentication method that promises enhanced security and user convenience. Voice…

 

Malaysia’s MyDigital ID hits 1M users as digital transformation gains momentum

The Malaysian government’s digital verification platform, MyDigital ID, has now registered over one million users, another milestone recorded in the…

 

mDLs close in on practical use with standardization, tests and reader demos

Mobile driver’s licenses are progressing ever-closer to practical usefulness for applications other than proving the bearer’s driving privileges. The standard…

 

QazSmartVision shows out in NIST face biometrics, image quality testing

Biometrics providers from in and around the Middle East are taking a more prominent place in facial recognition evaluations by…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Read This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events