At a developer’s conference Friday during Google I/O, Daniel Kaufman announced that it was Google’s intent to make password identifications outmoded by the end of the year, at least on Android devices. The system would rely on a new set of technologies being developed by Google’s Advanced Technology and Projects division. ATAP calls this new technology Trust API.
Passwords are pretty dumb. They’re essentially the digital version of a key, right? Anybody who has the right key can open a locked door even if they aren’t supposed to be able to get in. The door doesn’t know any better; it’s pretty dumb itself. In contrast, human beings have a much more robust way of identifying each other. Cashiers don’t bother checking the IDs of fifty-year-old men buying alcohol because context clues give them all the information they need – they don’t have to even ask. Likewise, three children in a trench coat aren’t going to pull the wool over the eyes of any ticket-taker at an R-rated movie.
Google believes our smartphones lie somewhere on the intelligence spectrum between a door and a human being. They’re at least smart enough that passwords are really starting to show their age. “We have a phone, and these phones have all these sensors in them,” said Kaufman. “Why couldn’t it just know who I was, so I don’t need a password? It should just be able to work.” Trust API would use a variety of metrics to calculate a “Trust Score,” which is essentially, its belief that you are who you are supposed to be.
The Trust Score would take into account things like your typing speed, vocal patterns, facial recognition, location, and proximity to familiar Bluetooth devices and wifi hotspots. Relatively low risk apps like games and basic tools wouldn’t need a very high trust score to run, but more rigorous scores would be needed to access things like banking apps. If all goes well, Kaufman believes Trust API could be completely rolled out before the end of 2016.
What do you think of Google’s ambitions to do away with passwords on Android apps? Let us know your take in the comments below.