Someday soon, your smartphone could replace your password
Are passwords going the way of the dinosaur? That's what some tech companies like Apple and Alphabet (the parent company of Google) are working on, as they look ahead to a future where your actual mobile devices -- and not cumbersome passwords that are easily forgotten or hacked -- will serve as digital keys needed to access your information.
In a blog post on Medium, Gerhard Eschelbeck, Google's head of security and privacy engineering, explained that while two-step verification has long been the standard, the "next stronger step" is something called the "security key." What is this? Well look no further than your phone. Eschelbeck explains that the security key is a device that uses encryption to ensure that only the person who has the key in hand can access his or her account.
"The technology underlying Security Key raises the bar much higher than it's ever been for phishing," he wrote. "That's why we require everyone who works at Google to use Security Keys, and developed the underlying technology together with the other members of the FIDO Alliance, an industry consortium focused on creating strong, open authentication standards."
Eschelbeck asserted that we could go even further. Given that many people don't want to have to remember complicated passwords to enter or carry "physical tokens" in order to ensure their online security, some of the industry's biggest innovators are "working toward a world without passwords."
In the future, "multi-device authentication, for example, could allow your phone to verify your identity by signaling your laptop directly," Eschelbeck wrote. "Devices could recognize you using things like your voice or the way you walk. And these are only a few of the innovations we might see going forward."
The Wall Street Journal reports that Alphabet is currently running a quiet beta test program for signing into accounts with your phone, password-free. Google researchers reportedly aim to develop Android phone technology that can recognize users through speech patterns or even the way they type.
And of course, Alphabet isn't the only tech giant looking to make the password obsolete. Apple has also included high-security chips in their latest iPhones for app developers to take advantage of the Touch ID fingerprint biometric feature, which lets users just log in with the touch of a finger, the Wall Street Journal reports. So far, only a small percentage of apps actually take advantage of this option.
Biometric technology, from fingerprint to palm to retina scans, is also being used to secure medical records and other sensitive access. But increasingly, phones themselves are the key. Just as some banks are starting to move away from ATM cards and let customers use their phones to withdraw money, smartphones are also becoming a way to gain secure access to important data.
"Twenty years ago I never could have imagined the world we live in today, and I'm sure the next decade will be just as unpredictable," Eschelbeck wrote. "But I'm also sure that ten years from now, whether we're changing legacy systems like passwords or taking on new challenges like networked devices and the Internet of Things, working together to share security knowledge and solutions will be our best shot at handling whatever challenges the future throws at us."
