Google's biometric ID verification system is available now
Passwords are a pain. They're hard to remember, easy to lose, and often not very secure. But what if there was a better way to sign in to your online accounts?
Earlier this year, Google rolled out support for passkeys, a simpler and more secure way to sign into your online accounts. Passkeys are 40% faster than passwords and rely on a type of cryptography that makes them more secure.
And now, Google states in a blog post that passkeys are now the default option across personal Google Accounts. This means that the next time you sign in to your account, you will be prompted to create and use passkeys. You will also see the “Skip password when possible” option toggled on in your Google Account settings.
But how Passkeys work? Is it really safe to put your biometric data on a server? Welcome to our Google Passkey explained writing.
Google Passkeys explained in simple terms
Today, the constant struggle to remember numerous passwords has become a common frustration. We've all been there - trying to recall a complex combination of letters, numbers, and symbols, only to get locked out of our accounts due to multiple failed attempts.
Google Passkeys represent the future of authentication. They are a modern, secure, and user-friendly alternative to traditional passwords. Unlike passwords, Passkeys eliminate the need for memorization. With Passkeys, you can sign in to your Google Account using a fingerprint or face scan, making the login process both convenient and secure.
These biometric sensors are widely available on modern smartphones and laptops, so they are accessible to a broad user base.
How Passkeys work?
Google Passkeys use a cryptographic protocol called WebAuthn to create a unique passkey for each website or app that you use. WebAuthn is a secure and open standard that is supported by all major browsers and operating systems.
When you create a passkey, your browser and the website or app work together to generate a public and private key pair. The public key is stored on the website or app's server, and the private key is stored on your device.
To sign in with a passkey, your browser sends the public key to the website or app. The website or app then verifies the public key and sends a challenge back to your browser. Your browser uses your private key to sign the challenge and send it back to the website or app.
How safe is it to put your biometric data into Google Passkeys?
Google Passkeys are designed to be a more secure way to sign in to your online accounts than passwords and while doing so Google does not use their servers to store the biometric login data in their servers.
Your biometric data, such as your fingerprint or face scan, is never shared with Google or the website or app that you are using. It is only used to unlock your device and authenticate you with your passkey and this data goes neither to Google's nor other sites' databases.
Why you should enable it?
There are many reasons why you should enable Google Passkeys:
- Security: Passkeys are more secure than passwords because they are unique to each website or app that you use and they are stored on your device. This means that even if a password database is compromised, your passkeys will still be safe
- Convenience: Passkeys are easier to use than passwords because you don't have to remember them. Simply use your fingerprint, face scan, or screen lock to sign in
- Privacy: Passkeys protect your privacy because they don't require you to share any personal information with the websites or apps that you use
Here we come to the end of our Google Passkeys explained writing. Although your biometric data is stored locally on your device, I will wait a few months to verify that the system is working correctly to avoid a situation similar to what people experienced in the 23andMe data breach.
Now you: What do you think about biometric ID verification? Is it our future or our potential disaster?
Featured image credit: Google.
Advertisement
