Google is set to begin testing a new login method which replaces passwords with a 'trust-based' system which monitors the way you typically use your phone.
In the grab bag of Google/Alphabet's big projects for 2016 is Project Abacus.
Former Googler Chris Messina sounded ecstatic about it on Twitter, saying that Abacus would beat the current gold standard, two-factor authentication, since losing access to SMS wouldn't break the whole system.
During its first public demo at Google's I/O conference, Regina Dugan claimed that with its "trust score" method, Project Abacus "may prove to be ten-fold more secure than just a fingerprint sensor." And it's easy to believe this could be true.
For keeping out attackers, the password is a manageable solution that can range from weak to tough -- and right now, "killing the password" is a trendy set of words. Regular password systems are considered the weakest, especially ones that require a password to be short and simple.
Coming more into fashion now is two-factor authentication. This typically combines login with a text message or email you need as a second step for verifying it's really you. It's tougher to hack, and this year it's being phased in for banking customers by federal mandate. And then we have fingerprints, which are very secure and onerous to imitate, although a thumbprint can be obtained by physical force. Instead of any of these current "front door locks" on our phones, accounts and logins, someone using Abacus would ... actually do very little.
The system is designed to be used on smartphones, and works by constantly checking for a number of personal indicators which can grant access to accounts or the phone itself.
Instead of asking for a password, the phone might analyse your face, your voice, how you type, how you swipe, how you move and where you are. All of these bits of data are fed into the API, which then generates a 'trust score' which indicates how likely it is that it's actually you carrying the phone.
The idea is to make devices more secure. Someone could easily steal a password, but it would be much harder for them to mimic the unique way someone else uses their phone. Google believes a login system based on a combination of these factors could be 10 times more secure than a fingerprint scan.