Google Seeks To Usher In Age Of Physical Account Authentication With ‘One Ring’


Ok, Google is not actually bringing out a device called the One Ring, but the tech giant’s idea circles around a finger ring that could be used as an alternative to digital passwords. This idea or rather a research paper written by Google engineers will be published later this month in the IEEE Security & Privacy Magazine. Written by Google Vice President of Security Eric Grosse and Engineer Mayank Upadhyay, the research paper will speak about how in the future passwords could be completely replaced by more secure ways of user authentication techniques.

If there is one thing that 2012 taught us was passwords are not really safe. Last year saw many high profile cases of account hacks, including Yahoo, Sony PlayStation and more. While logging into your Facebook or Gmail account is made easy by simple and cost effective passwords they are by no means safe and are as good as non existent when the stakes are much higher than just Facebook accounts.

“Along with many in the industry, we feel passwords and simple bearer tokens such as cookies are no longer sufficient to keep users safe,” Grosse and Upadhyay explain in the paper.

Google is thus currently working on making its accounts compatible with physical authentication hardware such as cryptographic thumb drives and cards. A physical passkey such as the Yubico need only be registered once, after which they do not require to connect to the net and can unlock multiple accounts.

“We’d like your smartphone or smartcard-embedded finger ring to authorize a new computer via a tap on the computer, even in situations in which your phone might be without cellular connectivity,” reads the article.

The challenge is to take this approach beyond just Google. For any alternative and universal authentication technique to achieve success it has to be adopted by as many parties as possible. To achieve this, Google has developed a standard protocol that will make use of the browser and will not require any other software and will hence work with multiple accounts. Furthermore, this technique also has the added advantage against phishing.


More Information: Wired