searchtwitterarrow rightmail strokearrow leftmail solidfacebooklinkedinplusangle upmagazine plus
Help Net Security - Daily information security news with a focus on enterprise security.
  • News
  • Features
  • Expert analysis
  • Reviews
  • Events
  • Whitepapers
  • Industry news
  • Newsletters
  • (IN)SECURE Magazine

Related topics

  • G Suite news: Anomalous alert activity for Google Drive, Advanced Protection for enterprise users
  • How effective are login challenges at preventing Google account takeovers?
  • Google offers Advanced Protection for high-risk users of its services

Featured news

  • Phishers count on remotely hosted images to bypass email filters
  • Fraudulent attempt purchase value decreased by $10 in 2020 compared to 2019
  • Revenue for 5G enterprises in the Asia-Pacific region to reach $13.9B by 2024
  • Most containers are running as root, which increases runtime security risk
  • Healthcare IT teams battle with technical challenges to ensure network resilience and security
Zeljka Zorz
Zeljka Zorz, Managing Editor, Help Net Security
January 15, 2020
Share

High-risk Google account owners can now use their iPhone as a security key

Google users who opt for the Advanced Protection Program (APP) to secure their accounts are now able to use their iPhone as a security key.

iPhone security key

About Google’s Advanced Protection Program

Google introduced the Advanced Protection Program in late 2017, to help high-risk users – journalists, human rights activists, IT admins, executives, etc. keep their Google accounts safe from targeted attacks.

APP is available to both consumer (Google Account) and enterprise users (G Suite).

It initially allowed users to make their accounts more secure by requiring them to have and use a physical security key to provide additional user verification during the login process.

In May 2019, Google made it possible to exchange the physical security key with one’s Android device. Now, finally, iPhone and iPad users can take advantage of that option, too.

Using iPhones for APP

Google considers security keys to be the strongest protection against account takeover attacks, whether they are performed by an automated bot, are bulk phishing attacks or extremely targeted (and tailored) attacks.

Making security more convenient is key to improving the adoption of security practices. By offering Android and iPhone/iPad users the option to use their devices as a security key, Google is making it easier for users to enroll into APP.

Let’s face it: we take our mobile phones with us everywhere and most of use are very conscientious about keeping the battery charged. Physical security keys, on the other hand:

  • Are pricy for some
  • May not be available for purchase to all who need them, and
  • Are a piece of hardware that some might not want to have to keep track of and lug around all the time.

To be able to use one’s iPhone for APP, users have to have an iPhone running iOS 10+, the latest version of Google’s Smart Lock installed on it, and Bluetooth enabled.

The device through which they are signing into their account has to have the latest version of a compatible browser (e.g., Chrome), the latest version of a compatible OS (e.g., Chrome OS, Mac OS, or Windows 10), and Bluetooth enabled.

Google has provided this helpful guide on how to set up one’s phone’s built-in security key and use it.

More about
  • account protection
  • authentication
  • cybersecurity
  • Google
  • iPhone
  • mobile devices
  • security key
Share this
bot

What analytics can unveil about bot mitigation tactics

  • Understanding third-party hacks in the aftermath of the SolarWinds breach
  • Minimizing cyberattacks by managing the lifecycle of non-human workers
Top videoconferencing attacks and security best practices

What's new

week in review

Week in review: Pen testing, Sunspot malware, Microsoft plugs Defender zero-day

gap

Understanding third-party hacks in the aftermath of the SolarWinds breach

email

Phishers count on remotely hosted images to bypass email filters

bot

What analytics can unveil about bot mitigation tactics

Don't miss

bot

What analytics can unveil about bot mitigation tactics

gap

Understanding third-party hacks in the aftermath of the SolarWinds breach

email

Phishers count on remotely hosted images to bypass email filters

bot

Minimizing cyberattacks by managing the lifecycle of non-human workers

containers

Most containers are running as root, which increases runtime security risk

Help Net Security - Daily information security news with a focus on enterprise security.
Follow us
  • Features
  • News
  • Expert Analysis
  • Reviews
  • Events
  • Whitepapers
  • Industry news
  • Newsletters
  • Twitter

In case you’ve missed it

  • Securing the connected home: A joint task for homeowners and their ISP
  • Cybersecurity sales: Do you have what it takes to succeed?
  • How do I select a data control solution for my business?
  • How do I select cyber insurance for my business?

(IN)SECURE Magazine ISSUE 67 (November 2020)

  • Hardware security: Emerging attacks and protection mechanisms
  • Justifying your 2021 cybersecurity budget
  • Cooking up secure code: A foolproof recipe for open source
  • Mapping the motives of insider threats
Read online
© Copyright 1998-2021 by Help Net Security
Read our privacy policy | About us | Advertise