Dubbed Universal 2nd Factor (U2F), the consumer-facing side of this initiative will be a USB dongle called the YubiKey Neo. Built to Google’s specifications by Yubico, the YubiKey Neo is a driverless device that requires no battery. Plugged into a computer’s USB port it will add a second layer of verification when pointing Google’s Chrome browser to a Gmail or Google Docs account. The login process can be initiated by typing a username and PIN. The browser will then communicate with the YubiKey Neo, using encrypted data, to authorize account access. With U2F verification, if someone wanted to login surreptitiously to an account, he or she would need to know the username and PIN while simultaneously having physical possession of that specific YubiKey Neo.
Based on security technology found in the smart card devices favoured by the military, the YubiKey Neo can be thought of as a digital key. The Google account is the lock, one that is configured to accept only the YubiKey Neo in a user’s possession. Because the YubiKey Neo and Google’s Chrome browser will engage in secure public-key encryption when logging in, the user-generated password normally entered along with an username can be reduced to a four-digit PIN. The username and PIN simply state someone’s identity. The YubiKey Neo is what actually verifies it.
Although U2F logins are not yet available to the public, Google has already deployed several hundred thousand YubiKey Neo devices to its employees since the beginning of 2013.
In recent news, Google has launched the Google Wallet Card, a prepaid debit card which will allow users to make purchases in stores or withdraw cash at ATMs without the wait for money to transfer from the users Google Wallet accounts to their bank accounts.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now
We welcome comments that add value to the discussion. We attempt to block comments that use offensive language or appear to be spam, and our editors frequently review the comments to ensure they are appropriate. If you see a comment that you believe is inappropriate to the discussion, you can bring it to our attention by using the report abuse links. As the comments are written and submitted by visitors of the The Paypers website, they in no way represent the opinion of The Paypers.