In a crucial move towards bolstering online security, Google has announced its plans to extend passkey support to its Advanced Protection Program (APP). Designed to protect high-risk users, this expansion comes ahead of the U.S. presidential election. The development is a significant stride toward securing the accounts of those most vulnerable to targeted cyber attacks, including campaign workers, candidates, journalists, and human rights activists.
APP Embraces Passkeys
Traditionally, APP relied on hardware security keys for user authentication. However, Google has made a strategic shift to incorporate passkeys into the program. From now on, users have the option to enroll in APP using passkeys alone or in combination with a password or hardware security key. This move is set to enhance the program’s flexibility and convenience without compromising on security.
Google’s Commitment to High-Risk Users
Speaking about the initiative, Google’s VP of Security Engineering, Heather Adkins, emphasized the company’s commitment to protecting its high-risk users, particularly during the critical election year. The tech giant plans to work alongside specialists from various organizations, including Defending Digital Campaigns and the International Foundation for Electoral Systems, to ensure that their users receive optimal protection against cyber threats.
The Rising Popularity of Passkeys
Since their introduction in 2022, passkeys have quickly gained popularity among Google Account users, having been used for authentication over 1 billion times across more than 400 million accounts. According to Google, passkeys have outperformed legacy two-step verification methods, including SMS one-time passwords and app-based one-time passwords, in terms of usage frequency.
By requiring physical access to a user’s phone, passkey logins make it considerably harder for cybercriminals to gain remote access to accounts. This technology also eliminates the need for traditional username and password combinations, which are often prone to phishing attacks.
Passkeys Gain Industry-Wide Adoption
Recognizing the security benefits of passkeys, several other tech companies, including Apple, Amazon, X (formerly Twitter), PayPal, WhatsApp, GitHub, and TikTok, have also started to adopt this technology.
Enhancements to Cross-Account Protection
In addition to expanding passkey support, Google is also scaling up its Cross-Account Protection program. The program shares security notifications about suspicious activities with third-party apps connected to a user’s Google account. This approach helps to thwart cybercriminals from infiltrating multiple accounts through a single point of access.
At present, Google’s Cross-Account Protection safeguards 2.4 billion accounts across 3.4 million apps and websites. As part of its ongoing commitment to enhancing online security, Google plans to further expand its collaborations across the tech industry.
In the face of evolving cyber threats, Google’s proactive steps towards enhancing online security serve as a testament to its commitment to user protection. As other tech giants follow suit and adopt similar security measures, the tech industry as a whole is poised to become a much safer space in the digital age.