Google has made its Titan Security Keys available on Google’s store.
The $50 security key comes with Bluetooth and USB versions of the Titan Security Key. Google released the Titan keys in July and we tested them with Twitter, Gmail and Facebook accounts.
You can now visit Google store and buy them if you live in the United States and according to Google, they will soon hit the market in more countries. If you are only looking for an individual key, Google currently offers it only to enterprise users, the company said.
Security keys arrive at a time when identity theft attacks are endemic, with more than 40 percent of misdemeanors due to passwords loss.
Identity theft attacks occur when hackers send misleading e-mails to trick victims into entering their passwords. These sophisticated systems have reached inboxes owned by politicians, banks and celebrities, but also targeting ordinary people online.
In the research, Google discovered that half of its participants came across phishing sites, said Christiaan Brand, head of identity and security products at Google. Though you’d like to think that you can identify the difference between real emails and identity theft attempts, it’s often too difficult, said Sam Srinivas, Google’s Security Information Management Manager.
“Today, in phishing, we are asking users to search for the appropriate URL, which is an unfair burden on the user,” he said.
Apple has finally fixed the biggest MacOS High Sierra security problem
Security keys are designed to eliminate this burden by providing an additional layer of security after entering the password, he added.
These keys are a form of two-factor authentication format that can also be offered by entering a PIN code that is sent to your phone or approving access through an application. Two-factor authentication is a great protection against hackers, since even if the passphrase is stolen, attackers need another item to access their accounts.
Security keys slightly raise the bar by making second factor a physical item you can hold in your hands. They can also tell you if the site you are visiting is a fake version. Google, like many security specialists, believes that keys are safer than using code sent to your devices because it is much more difficult for hackers to steal a physical key than the digital code.
In July 2018, Google boasted that none of its 85,000+ employees had their account hacked since it adopted the security keys. Security keys are not new technology, as companies like Feitian and Yubico also sometimes offered them at a lower price.
Feitian, a Chinese company, has created the Titan Key for Google, but the search engine giant manages the security chips inside its company to make sure there is no interference. Feitian is a company certified by the FIDO, along with Google and Yubica. Before Google created its own security keys, it recommended that users buy Feitian’s security keys for Google’s advanced protection program.
While the Titan Key has NFC features, you cannot touch it and tap it on your Android phone to use it yet. This is because Android devices need updating to enable this, said Brand.
But even Google admitted that the security key may not be for everyone. Security keys add to the advanced level of protection that Google recommends to very specific people, such as activists and politicians. For an average person, this could be a different story.
“For generic users, Google is good at blocking more than 99% of fraudulent activities and accounts access, so security keys may not be right for generic users at this point,” Brand said.