Dubbed Universal 2nd Factor (U2F), the consumer-facing side of this initiative will be a USB dongle called the YubiKey Neo. Built to Google’s specifications by Yubico, the YubiKey Neo is a driverless device that requires no battery. Plugged into a computer’s USB port it will add a second layer of verification when pointing Google’s Chrome browser to a Gmail or Google Docs account. The login process can be initiated by typing a username and PIN. The browser will then communicate with the YubiKey Neo, using encrypted data, to authorize account access. With U2F verification, if someone wanted to login surreptitiously to an account, he or she would need to know the username and PIN while simultaneously having physical possession of that specific YubiKey Neo.
Based on security technology found in the smart card devices favoured by the military, the YubiKey Neo can be thought of as a digital key. The Google account is the lock, one that is configured to accept only the YubiKey Neo in a user’s possession. Because the YubiKey Neo and Google’s Chrome browser will engage in secure public-key encryption when logging in, the user-generated password normally entered along with an username can be reduced to a four-digit PIN. The username and PIN simply state someone’s identity. The YubiKey Neo is what actually verifies it.
Although U2F logins are not yet available to the public, Google has already deployed several hundred thousand YubiKey Neo devices to its employees since the beginning of 2013.
In recent news, Google has launched the Google Wallet Card, a prepaid debit card which will allow users to make purchases in stores or withdraw cash at ATMs without the wait for money to transfer from the users Google Wallet accounts to their bank accounts.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now