Zeljka Zorz
Zeljka Zorz, Editor-in-Chief, Help Net Security

High-risk Google account owners can now use their iPhone as a security key

Google users who opt for the Advanced Protection Program (APP) to secure their accounts are now able to use their iPhone as a security key.

iPhone security key

About Google’s Advanced Protection Program

Google introduced the Advanced Protection Program in late 2017, to help high-risk users – journalists, human rights activists, IT admins, executives, etc. keep their Google accounts safe from targeted attacks.

APP is available to both consumer (Google Account) and enterprise users (G Suite).

It initially allowed users to make their accounts more secure by requiring them to have and use a physical security key to provide additional user verification during the login process.

In May 2019, Google made it possible to exchange the physical security key with one’s Android device. Now, finally, iPhone and iPad users can take advantage of that option, too.

Using iPhones for APP

Google considers security keys to be the strongest protection against account takeover attacks, whether they are performed by an automated bot, are bulk phishing attacks or extremely targeted (and tailored) attacks.

Making security more convenient is key to improving the adoption of security practices. By offering Android and iPhone/iPad users the option to use their devices as a security key, Google is making it easier for users to enroll into APP.

Let’s face it: we take our mobile phones with us everywhere and most of use are very conscientious about keeping the battery charged. Physical security keys, on the other hand:

  • Are pricy for some
  • May not be available for purchase to all who need them, and
  • Are a piece of hardware that some might not want to have to keep track of and lug around all the time.

To be able to use one’s iPhone for APP, users have to have an iPhone running iOS 10+, the latest version of Google’s Smart Lock installed on it, and Bluetooth enabled.

The device through which they are signing into their account has to have the latest version of a compatible browser (e.g., Chrome), the latest version of a compatible OS (e.g., Chrome OS, Mac OS, or Windows 10), and Bluetooth enabled.

Google has provided this helpful guide on how to set up one’s phone’s built-in security key and use it.

More about

Featured news

Resources

Don't miss