Google introduces new Alert Feature on Android - Login Activity Notification

Google has rolled out a new feature for Android users to keep its users account more secure: Native Android Push Notification when a new device accesses your Google account.

Google has already been offering email notification for newly added devices, but since people usually ignore emails, the tech giant will now send a push notification to your device screen, giving you a chance to change your password immediately before an intruder gets in.

Although it's a little change, the company believes people pay four times more attention on push notifications on their devices compared to email notification.

The new feature "increases transparency to the user of what actions they've performed and allows them to flag any suspicious activity they may be seeing on the device," the company says in its official blog post.

So, from now on, when a new device is added to your Google account, or, in other words, when a new device accesses your account, you will receive a push notification on your current Android device, asking:

"Did you just sign in?"

If yes, you can just ignore the notification. But if the activity appears suspicious, you just have to tap the "Review account activity" button to know about the details of the new device.

You can immediately change your password and add two-factor authorization (2FA) if you are worried someone else has accessed your account.

The new feature is rolling out to users gradually, and it may take over two weeks to reach all the users across the world.

Recently, Google is taking several measures to secure its users' account privacy. Google also introduced "Google Prompt" that makes 2-Step Verification (2FV) process much easier for you, allowing you to log in with just a single tap instead of typing codes.

Google plans to replace your password with Trust API

The importance of increasing online security around personal information has risen due to the increase in cyber attacks and data breaches over recent year.

Now Instead of just relying on uniquely generated PINs, Google intends to use your biometrics data – like your typing patterns, your current location, and more – to strengthen the second layer of authentication with a better, automatic and trustworthy approach.

Project Abacus: Password-free Logins

Introduced at the Google I/O developer conference, the new feature is called the Trust API, which will be available to Android developers by year-end if the initial tests with "several very large financial institutions" next month goes well.

Trust API was first developed under the codename Project Abacus, which was introduced last year at Google I/O 2015 when the company announced that it was working on a new password-less authentication method for Android devices.

Project Abacus is a system that opts for biometrics over two-factor authentication.

A while ago, the company implemented a similar idea, called "Smart Lock," on devices running Android 5.0 and higher.

Smart Locks automatically locks or unlocks your device when you are in a trusted location, or when your device recognizes your facial characteristics or have a secure Bluetooth device connected.

This Trust API is an upgraded and advanced version of Smart Lock. Trust API works by using the phone's sensors to collect data about you such as your voice, typing patterns, the particular times and locations you might use an app, and even facial recognition to derive a "Trust Score".

This Trust Score is then used to authenticate you without any need to enter a password or PIN, the head of Google’s Advanced Technology and Projects (ATAP) unit Daniel Kaufman said Friday at its Google I/O developer conference.

In case your Trust Score is not high enough, apps could revert to asking users for their passwords.

However, the company also said previously that different apps could require different Trust Scores. For example, your bank could require a higher score than a gaming app.

This Trust Score is the new "Trust Score API" or "Trust API" that the company hopes to put in developers' hands by the end of the year..

Google is testing a new way to login -without password

Passwords seem to be so yesterday. There’s a growing chorus of voices that want a painless yet secure alternate way of logging into your accounts that eschews the use of passwords altogether. Google is testing out a suitable replacement to attain this objective; using a smartphone as a key for logging into the company’s services online. However, in a region like Pakistan, where mobile theft is rampant, could it actually be used as a better alternative?

Can Google’s New Security Alternative Provide a More Secure Alternative?

Online security happens to be a very important aspect of our digital lives, and while keeping a track of passwords might be difficult, it is still considered a better approach compared to just using your entire smartphone to bypass the security wall. After all, in case the smartphone happens to be misplaced, or worst case scenario, stolen, then all those authentication processes will be gone with it as well.

However, it looks like Google has a trick up its sleeve in order to make passwords a thing of the past.

As you can see from the above image, it is possible to sign into Google services on a computer by using an Android smartphone as the primary authentication device. Details of the image state that the login process commences from the user logging into his/her Google account using their Gmail address, but instead of receiving a password prompt, the Android smartphone or tablet that is associated with that account will be contacted and asked whether the account login is to be authorized or not.

The smartphone or tablet will also need to be secured itself, through a password, a PIN, or even more secure features such as a fingerprint scanner. Google has not stated why it is attempting to make passwords a thing of the past, and neither has the company stated that when is the new security feature going to appear in mobile devices but we do know this. Google is not the only company working on getting rid of passwords, but it looks like some users will prefer to stick with the old, traditional ways.