Android’s Built-In Security Key Can Now Be Used for iOS Devices
Android’s Built-In Security Key Can Now Be Used for iOS Devices
Google is expanding the ability to use an Android phone as a physical two-factor authentication security key to include iOS devices.

In April, Google announced a groundbreaking technology that could allow Android users to use their smartphones as hardware security keys whenever logging into Google accounts on their laptops or work PCs, ZDnet reported.

Initially, the technology was made available for Chrome OS, macOS, and Windows 10 devices. Today, Google announced it is expanding this technology to iOS as well.

Today’s news means that iPhone and iPad users can now use their (secondary) Android smartphones as a security key whenever logging into their Google accounts on an iOS device.

The technology works basically the same, as Google explained in April, at the Cloud Next 2019 conference.

To use it, users will have to have Bluetooth enabled on both their iOS and Android devices, so the Android smartphone can sign and authorize any login attempts for Google accounts initiated from the iOS counterpart.

The only difference in the login mechanism, is who will be managing the login operations. On desktops and laptops, the Chrome browser is used to communicate with the Android phone’s built-in security key over Bluetooth using FIDO’s CTAP2 protocol.

Because there’s no actual Chrome browser on iOS (Chrome for iOS is actually running on WebKit — aka a customized Safari), for iOS devices, the Chrome browser will be replaced by Google’s Smart Lock app, which users will have to install on their iOS devices.

If iOS users need help in setting up their Android smartphones as a security key for iOS devices, Google has some instructions in this blog post.

Only Android smartphones running Android 7.0 (Nougat) or later support the built-in security key mechanism.