Google utilized the recently held Next conference to reveal its physical key for use in authenticating logins.
The name given to it is Titan Security Key, and it’s currently being made available to those using Google Cloud.
Going ahead, anyone can pick up the Titan Security Key and start using.
The aspect to be kept in view is that the key would support the authentication standard called FIDO (or Fast Identity Online).
Many apps support this authentication, including Facebook, Dropbox and GitHub. Google’s new Titan Security Key is going to be useful for the users of these apps.
The Design and Features of the Titan Security Key
In terms of the design and shape of the security key, Google has made two devices—one looks like a car remote key with a Bluetooth key to be operated with devices like mobiles and tablets, and another for other devices like PCs and laptops, where the USB slot is available.
A unique back and forth double verification is done when you use these security keys. The moment you visit a trusted site, there is a cryptography-based tool to verify the site and then the site can check if the Titan Security Key being employed is genuine.
It must be recorded here that these security keys have been used by approximately 85,000 employees of Google, though not in this shape and design.
By using the same technology, the company wants the public at large to benefit from this physical security tool.
It is reported that the security key has been quite effective at protecting the devices of Google employees from any form of cyberattack for more than a year now.
Functioning of the Security Key
The security protocol used in Google’s Titan Security Key is called FIDO U2F.
From a functional standpoint, the U2F (or universal 2nd factor) is not very different from the smartcard technology many people are already familiar with.
By just tapping the key against a smartphone that has been NFC-enabled, the key is recognized by the device.
As and when you create a new account online, the technology helps generate two distinct password tokens—a private one and a public one.
The next time you wish to log into this account, the two tokens combine to allow access to the account.
The private token is linked to the Titan Security Key and once you press the button provided on the key, the private token is released and the loop closed.
The internet connection does not get involved in this process and an isolated circuit is created.
This would definitely prove useful for people who would want to strengthen the security of the data residing on their devices.
The Commercial Aspects
It is learnt that the price at which Google proposes to sell these security keys will be $25 each if bought separately and $50 if the USB and Bluetooth keys are purchased together.
Going ahead, there is a possibility that these prices could be further dropped down once the volumes are established.
It may be pertinent to recall here that there is a product in the market very similar to the Titan Security Key being now launched by Google—YubiKey, a product developed by Yubico.
Interestingly, this FIDO security protocol itself was jointly developed by Google and Yubico. YubiKey has two distinct products too for Bluetooth and USB applications.
Google has gone ahead and clarified that, though on the surface the technology might appear to be the same, the Bluetooth technology on the Titan Security Key is different and more reliable due to the inclusion of NFC using only the Bluetooth Low Energy Component.
Google has a lot of expectations from its latest security product and is confident that it will prove useful to the customers of Android and other devices across the spectrum.