Mobile phones are like little treasure chests of sensitive personal data, so Android has introduced new anti-theft measures to its Android 15 for Pixel update, including biometric authentication settings and AI-equipped data protection measures.
Identity Check activates mandatory biometrics for unlocking a device
Android Authority reports that Identity Check, which Google announced last week, will function much like Apple’s Stolen Device Protection. Enabling it will require biometrics to unlock apps, even those that can usually be unlocked with a PIN, pattern or password, if the phone is detected to be outside a trusted location.
That means if a so-called shoulder surfer spies your lock screen PIN, steals phone and tries to access Google Chrome, Identity Check will force the app to require biometric authentication for features like password autofill and payment methods if the request is, so to speak, coming from outside the house.
Identity Check also requires biometrics when “accessing critical Google account and device settings, like changing your PIN, disabling theft protection, or accessing Passkeys from an untrusted location.”
The Identity Check feature is likely to be available only on Android 15.
Theft Detection Lock, Find My Device features tighten security
Google’s Keyword blog goes into more detail on the additional theft prevention features in its security suite. With Theft Detection’s AI, it says, “if your phone senses someone has snatched it and is trying to run, bike or drive away, it will automatically lock your device.” It does not specify how it assesses the occurrence of a theft, beyond saying it “uses device sensors.”
A remote locking option with a security check is also available. And on the biometrics end, a feature called Failed Authentication Lock locks down your device when the OS detects five failed login attempts made through the BiometricPrompt API.
Per Android Authority, “many of the best Android apps use the BiometricPrompt API as an additional layer of security by blocking access to certain screens unless you authenticate.”
Other settings strengthen authentication requirements for actions like removing a SIM or turning off Find My Device, the latter of which has also gotten a biometric login option to replace login with a Google password. And there is interface-based security in the addition of “private spaces,” which can hide sensitive apps and lock clusters of them with an additional layer of authentication.
A recent post on the Google Security Blog notes the need for such added protections in places like Brazil, where 97 phones are robbed or stolen every hour. “By integrating advanced technology like AI and biometric authentication,” it says, “we’re making Android devices less appealing targets for thieves to give you greater peace of mind.”
Passkeys bring Google digital ID ecosystem together in authentication
Passkeys play an important role in enabling stronger authentication for device security. Google (among other large names in tech) has been leaning into passkeys, having launched synched passkey support in September. The company has published a guide for developers on how to integrate passkeys into the digital identity ecosystem. It says “passkeys reduce the need for passwords, offer a streamlined user experience, and are more resistant to security vulnerabilities such as phishing or compromised passwords.”
Explaining synched passkeys, Google’s passkey support page says “passkeys created on a website on Chrome on Android are stored to the Google Password Manager by default, and then synchronized to different environments where Google Password Manager is available, such as Chrome on macOS, Windows, Linux and ChromeOS.”
In other Google digital ID news, 9 to 5 Google says the company is starting tests of Google Wallet’s ability to generate digital IDs with U.S. passports. Adding a passport requires users to scan their passport photo page and the security chip inside the back cover. For authentication purposes, Google then needs a short video of your face to match to the passport. Once the passport is added, it can be used at select TSA checkpoints for identity verification on some domestic flights.
Article Topics
Android | biometric authentication | biometrics | Google | identity verification | passkeys | smartphones