Google announced the support of passkeys for its Advanced Protection Program (APP) on Wednesday. APP is the tech giant’s strongest level of Google Account security aimed at those users who are at a high risk of cyberattacks. With this move, the company will allow users to enroll for the service and access their accounts without the need for a physical security key. The feature can be accessed with compatible devices and browsers. Additionally, the company also announced its partnership with Internews to provide safety and security support to journalists and human rights workers.
Google Rolls Out Passkeys Support to APP Accounts
In a blog post, the company highlighted that standard Google Account users can now enroll for the APP service without purchasing physical security keys by opting for passkeys. Earlier, users were required to own two physical security keys to enroll on the service. To log into their account, they required their password and one of the security keys.
Physical security keys are small devices that typically resemble a USB drive or key fob. These can be plugged into the device via the USB port, or transfer data via NFC. These physical keys are aimed at making it incredibly difficult for a hacker to break into a device remotely.
Google highlighted that it may not be possible for individuals to always carry a physical key. This is why passkey, which uses biometric or device authentication, has been introduced as an alternative.
To register for the service, users can now visit the APP enrollment page, click on Get Started, and follow the instructions displayed on the screen. The company highlighted that users will require a compatible device and browser to enroll using passkeys. APP will also allow users to add recovery options such as phone number and email, another passkey, or security key to help regain access to the account in case they get locked out.
Designed by the FIDO Alliance, a passkey is an alternative login authentication method that ditches traditional methods such as SMS codes in favour of biometric or device authentication. The security measure has been adopted by Apple, Google, Microsoft, and other major tech companies in their products and services.
While standard Google Accounts already have passkey support, APP accounts were not included before this announcement. Notably, APP is aimed at people who are at a high risk of cyberattacks such as journalists, elected officials, political campaign staff and human rights workers.