New security features in Google services

May 18, 2023

Google’s annual I/O conference, where the company unveils new products and technologies, took place on 10 May 2023. This year, new security features were presented, i.e. the Google Passkeys, Safe Browsing API and several others.

The new authentication method – Passkeys (access keys) became the hot topic. This feature allows users to log in to applications and websites without passwords. Google claims that this method is immune to phishing and is more secure than one-time SMS codes. A fingerprint, a facial image, a screen lock password, or a physical security key can be used to log in. The service is now available to all users and it can be set up by logging into one’s Google account at: g.co/passkeys.

It is important to remember not to create access keys on shared devices. If a key is created on such a device, then anyone who can unlock it will be able to log in to your account, even if you log out beforehand.

Google Safe Browsing is a well-known feature in Google services that warns about unsafe websites and files. Now it has received a sizable update in which a new Safe Browsing API using AI was introduced. The service operates in real time to better protect users from online threats. According to information published on Google’s blog, an internal analysis showed that many phishing sites exist for less than 10 minutes. This allows block-lists to be bypassed, and this feature is expected to block an additional 25% of attempted phishing attacks each month in Chrome browser and on Android.

The G-mail addresses scan function for the dark web presence was already available to Google One subscribers and has now been granted to anyone with a G-mail address, but only in the US for now. Google plans to expand the functionality to more countries soon.

And when it comes to increasing the transparency of user data use, Android 14 introduced dialog boxes with information about the location of the data used. Users will be notified when the application shares their data with third parties for advertising purposes. The process of deleting accounts and data from the application has also been simplified. A section has been set up in the Google Play store with information regarding deletion of data. In apps using account creation, developers will be required to provide a function of deleting data from the app and the possibility of online request without reinstalling the app.

Read the full list of new security features in Google services here: New features and updates to improve online safety.

Sources:

The beginning of the end of the password
I/O 2023: What’s new in Android security and privacy
Giving Users More Transparency and Control Over Account Data

Published by: CERT EXATEL

Related articles