Android: One Tap Password, Google's new multiple authentication solution


Google wants to simplify the one-step authentication process with a solution combining Google Sign In, Smartlock and auto-fill.

As part of its 11 weeks of Android event, Google presented what could be the future of authentication on Android. The event, which began with the launch of the first beta of Android 11, allows developers to take a detailed look at aspects of Android every week.

And for this week, dedicated to People & Identity, Google demonstrated One Tap Password, a solution to simplify the creation of an account or the connection to a service. Because creating an account or logging in on a platform from an Android smartphone can be a real challenge.

One Tap Login

Users often don't know if they have used Google or Facebook to authenticate themselves on a service, if they already have an account or with which email address they have registered. At the moment, there are three solutions: Google Sign In to sign in with their Google account, Smart Lock for Passwords to sign in automatically each time a site or app is opened, and Android Autofill, which allows users to manually select their credentials.

However, Google faces two problems: on the one hand, developers do not always know which solution to integrate into their app or website, and on the other hand, some users will not use it because of a lack of trust.

With OneTap, Google intends to address both of these challenges. When the user visits an application or website for the first time, they will be asked to register with their Google Account. A secure account, based on tokens and without the need for a password, will then be created. The login window will then indicate the type of information shared with the application or site, and the user will only need to press a "Continue as" button to initiate the login with their Google Account. However, it will still be possible to manually enter their own password, which OneTap will save automatically.

The next time the user logs in, they can then choose to sign in with one tap by selecting their Google Account or a login with an identifier stored in Android Autofill or Smart Lock.

Block Store, for easier identification on a new device

To complete its arsenal, Google wants to simplify the authentication process on a new device. To do this, the company wants to create Block Store, a secure end-to-end encrypted enclave where saved credentials will be stored, in the form of tokens, rather than plain text credentials and passwords. These tokens can, if the user accepts it, be saved in the cloud.

Thus, when purchasing a new device, the user will not have to log in individually to each application. He will be able to "restore" the connection to all applications from the cloud, or via data transfer between two devices.

 Source: 01net