Google Moving Forward on Automatic Logins
Google is trying to bring this to Android developers by the end of the year:
Today, secure logins—like those used by banks or in the enterprise environment—often require more than just a username and password. They tend to also require the entry of a unique PIN, which is generally sent to your phone via SMS or emailed. This is commonly referred to as two-factor authentication, as it combines something you know (your password) with something you have in your possession, like your phone.
With Project Abacus, users would instead unlock devices or sign into applications based on a cumulative “Trust Score.” This score would be calculated using a variety of factors, including your typing patterns, current location, speed and voice patterns, facial recognition, and other things.
Basically, the system replaces traditional authentication—something you know, have, or are—with surveillance. So maybe this is a good idea, and maybe it isn’t. The devil is in the details.
EDITED TO ADD: It’s being called creepy. But, as we’ve repeatedly learned, creepy is subjective. What’s creepy now is perfectly normal two years later.
Mark Murphy • May 24, 2016 9:01 AM
The problem goes beyond “creepy”. Allowing Google to decide whether or not I can get into my bank account is not a good idea.