You Can Now Use An Android Phone As A Physical Security Key For 2FA On iOS

Google is making it a little easier to sign into your Google apps and services on an iOS device.

The company is taking advantage of the new security key feature in Android to allow people to use their Android phone to log in to Google services on iOS — The new feature works through Google’s Smart Lock app, which you need to have installed on your iPad or iPhone to make the Android security key feature work. You also need two-step verification enabled, and if both of those criteria are met, you will be able to hold down the volume key on your phone to sign in to your services.

“Compromised credentials are one of the most common causes of security breaches,” wrote Google software engineer Kaiyu Yan and product manager of identity and security Christiaan Brand in a blog post. “While Google automatically blocks the majority of unauthorized sign-in attempts, adding two-step verification (2SV) considerably improves account security … [and now,] you can use your Android phone to verify your sign-in on Apple iPads and iPhones.”

Back in April during its Cloud Next 2019 developer conference, Google rolled out a feature that allows Android phones running Android 7.0 Nougat and up to act as Fast Identity Online (FIDO) security keys, enabling them to protect G Suite, Cloud Identity, and Google Cloud Platform accounts across Bluetooth-enabled Chrome OS, macOS, and Windows 10 devices.

FIDO is a standard certified by the nonprofit FIDO Alliance that supports public key cryptography and multifactor authentication — specifically, the Universal authentication Framework (UAF) and Universal Second Factor (U2F) protocols. When you register a FIDO device with an online service, it creates a pair of keys: (1) an on-device and offline private key and (2) an online public key. During authentication, the device “proves possession” of the private key by prompting you to enter a PIN code or password, supply a fingerprint, or speak into a microphone. Today, security keys on Android phones can verify sign-ins on Apple iPads and iPhones.

Here’s how you can set up your devices to sign in on iOS using an Android phone’s built-in security key:

• On a computer, sign in to your Google account and visit the 2-step verification page (make sure you’ve signed up for 2SV).
• Click on ‘Add Security Key’ on the 2-step verification page.
• Pick your Android smartphone from the list of available devices.
• Turn on Bluetooth on your Android and iOS devices.
• Sign in to your Google account using the Google Smart Lock app on your iPhone or iPad.
• Check your Android smartphone, it’ll receive a notification.
• Follow the instructions on your Android phone to confirm your login.

You’ll need an Android smartphone running Android 7.0 or above and an iOS device running iOS 10.0 or above, according to Google. The company also recommends that you register a backup hardware-based security key and keep it in a safe place. It can be used to sign in in case you lose your Android smartphone.

The new feature should be available today on all Google accounts.