It’s another wonderful day of Google I/O and the developer conference is proving that there’s still more interesting developments outside of Android M. During a Google ATAP session, Regina Duggan took the stage to talk about what the special projects unit as been working on.
One of the more interesting projects is something called Project Abacus. They’ve actually been conducting user trials and gathering data since last year. Everyone knows passwords suck (Duggan actually said this on stage) and Project Abacus looks to eliminate the hassle of typing out or remembering long passwords because simply put: humans aren’t good at this.
Because your smartphone knows more about you than you think, Project Abacus combines a variety of sensor data — how you walk, location patterns, how you talk, how you type — to verify that you are you. In other words, your device is the key to your authentication and it doesn’t even need fingerprint scanning hardware to pull it off.
Project Abacus works passively in the background to continually authenticate you before a website or app or anything else asks you for your password. Based on a trust score, it can verify your identity and you’ll be logged in without having to type a single thing. Higher trust scores could be required from something like a banking app, while low ones for something like logging into a game. Should your device fall into the wrong hands, the trust score will drop and the user will be asked to input a password like the olden days.
Of course, the question on everyone’s mind is how secure Abacus is when compared to other methods of authentication. ATAP says that by combining all this sensor data, Abacus is more than 10 times more secure than traditional methods. We’ve seen enough movies to know that anyone can pop out your eyeball or cut off your fingers — wouldn’t it be great if you phone knew you were you?
Another interesting project to come out of Google ATAP’s session is something they’re calling Project Vault. ATAP says Vault is tiny, security dedicated computer squeezed into a micro SD card. It uses a suite of encryption primitives to act as a digital mobile safe for your most sensitive data, anything from chat conversations to files and everything in between.
Using a driver-free interface, Project Vault partitions a portion of an SD card to store data and works out of the box on a variety of platforms outside of Android (like full fledged Windows PCs). ATAP says that Vault more or less aimed at the enterprise market for now and like most things to come out of Google I/O, still in its early stages but will soon have an open source SDK for developers.