At Google Cloud Next 2019 event held in San Francisco, Google announced that it will add an option to use Android phone’s built-in security key for two-step verification to protect against phishing.
Android As A Security Key For Two-Step Verification
This feature allows you to carry just your phone around, no need for security keys for protection. Well, this will be available on all phones running Android 7.0+ (Nougat and above) with Google Play Services and Bluetooth-enabled devices running Chrome OS, macOS X, or Windows 10 with a Chrome browser.
Speaking of Pixel phones, on Pixel 3 FIDO credentials are stored inside the Pixel’s Titan M chip so that you can just press the volume down button to activate your security key.
How To Use Android Phone As A Security Key
Here’s how to enable phone’s built-in security key;
- Add your Google Account to your Android phone.
- Make sure you’re enrolled in 2-step verification.
- On your computer, visit the 2SV settings and click “Add security key”.
- Choose your Android phone from the list of available devices, and you’re done.
Make sure your device’s Bluetooth is turned on when signing in (both sending and receiving end). Google recommends users to register a backup security key to their account and keeping it in a safe place, so they can get into their account if they lose the phone. This feature will roll out in a few days for everyone in beta.