Every time there’s a large scale data breach, we’re reminded how little thought and creativity people use when coming up with their passwords. In in the wake of LinkedIn’s 2012 data breach, for example, we learned that hundreds of thousands of people were using “password” as their password. A good number of users were also found to be using the password LinkedIn.
In an effort to combat people’s predilection for choosing horribly insecure passwords, Google has come with an interesting new solution called a “Trust Score” designed to replace passwords altogether. Trust Score, in a broad sense, is effectively a continuation of Project Abacus which Google first introduced last year.
DON’T MISS: Apple’s next MacBook Pro will be like nothing we’ve ever seen
At Google I/O this year, Google said that a “Trust Score” consists of software that continually runs in the background and monitors various usage patterns in order to verify the identity of a user with a high degree of certainty. Some monitored metrics might include facial recognition, fingerprint authentication, typing patterns, tying speed, general behavioral data, voice recognition and location information.
“This score is basically about how confident it is that you are who you say you are,” TechCrunch adds. “If your score isn’t high enough, apps could revert back to asking for passwords.”
And if a score is high enough, access would be granted without having to punch in a password. Naturally, sensitive apps like banking apps would require a higher Trust Score than, say, a user’s chess app.
As it stands now, Google is conducting a trial run with financial institutions before taking the technology mainstream. Indeed, Google indicated that the technology will likely be available to developers before 2017.
Like many things Google attempts, the underlying technology behind this particular technology seems cool, but the practicality remains questionable at best.
People of course choose horrible passwords, but securing an app behind a biometric feature such as a fingerprint seems preferable to having an algorithm determine if a password is needed in the first place. It also remains to be seen if users are open to the idea of their phone effectively keeping tabs on them in exchange for an ostensibly more convenient user experience.