Apple iPhones with updated iOS finally have an important security feature that Google’s Android smartphone operating system has had for quite some time. Under the revised Google Advanced Protection Program, iPhones with iOS version 10 and above, can be used for authentication and user verification while using any Google Account. The latest addition in the Two-Factor Authentication or 2FA brings iPhones in line with Android phones, which had built-in security keys since last April.
Google has extended the much-needed 2FA mechanism to Apple iPhones running iOS 10 and above. The company has included the Apple smartphones just before the U.S. Presidential election to ensure the mobile devices, and the accounts used on them, remain protected from hacking and espionage attempts.
How Does Google 2FA Secure Apple iPhones With iOS 10+?
Google’s Advanced Protection Program is a multi-step protection and authentication mechanism that attempts to verify the identity and ensure only authorized access to Google Accounts. The program focuses on three key security mechanisms. It provides protection against phishing attempts by requiring possession of a physical security key to access a Google account via two-factor authentication (2FA). The mechanism also limits access to Gmail and Google Drive to other apps from Google and select third parties. In case an account recovery process is initiated, the program requires extra verification steps.
Have an iPhone? Starting today, you can use it as a security key AND to enroll into Google's Advanced Protection Program (our strongest security) to protect your personal and work Google Account. Do it today, don't wait. https://t.co/XV77MTHYs9 #FIDO @FIDOAlliance #2FA pic.twitter.com/Mgas340LBa
— Vladimir Petrosyan (@vladpetrosyan) January 15, 2020
While Apple iPhones have had limited access to Google’s Advanced Protection Program, the search giant’s own Android operating system has always had the same deeply integrated since version 7.0. Essentially, any Android smartphone running version 7.0 and above could double as a Fast Identity Online (FIDO) security key. All Google Account owners and users can currently authenticate themselves using their Android phones via Bluetooth on Chrome OS, macOS, and Windows 10 devices.
Although the support for the highly secure 2FA was extended to Apple iOS, Google mandated the use of an Android device to authenticate Google Accounts on iPhone or iPad. Needless to say, such a method forced Apple device owners to keep an Android device active and logged-in or possess a physical security key.
The long-winded method has essentially been shortened for Apple iPhones running iOS 10+. Simply put, iPhones themselves can also now be used as a security key by any Google Account user, including those who are registered on the Advanced Protection Program. The primary difference, however, still lies in the way 2FA is managed.
It uses the Secure Enclave as a security key, it's pretty cool.
— Filippo Valsorda (@FiloSottile) January 14, 2020
The security key functionality was built directly into Android smartphones and other devices. However, in the case of Apple iPhones, users will have to activate the security key using Google’s Smart Lock app for iOS. Incidentally, the Smart Lock app uses the iPhone’s Secure Enclave feature, which effectively transforms the iPhone into a FIDO key. With the newly acquired feature, iPhones can now authenticate Google Accounts via Bluetooth on Chrome OS, iOS, macOS, and Windows 10 devices. They will not require to procure any additional physical security key for FIDO.
Google Allows iPhones To Become FIDO Security Keys Just Before U.S. Presidential Elections:
Google appears to have relented and allowed Apple iPhones running iOS10+ to be used as FIDO authentication security keys for additional security before the U.S Presidential election. Previously, only Android smartphones had the ability to act as physical security keys owing to their hardware and deeply integrated functionality.
appleinsider: #Apple #iPhones can now be used as a Fast Identity Online (#FIDO) security key. This replaces the physical hardware keys previously required –– and brings the iPhone into line with #Android phones. https://t.co/moGFe0pYAM pic.twitter.com/9GH7IEXebN
— Jay-Z (@z4mp1) January 15, 2020
However, with Apple iPhones, Google has allowed replication of the feature through an application that mimics the functionality. It is important to note that Google’s FIDO mechanism does rely on Apple’s own implementation of hardware-based security and encryption that has proven its effectiveness and impenetrability on numerous occasions.