Google’s I/O Developer conference last week included a variety of changes to the Android Ecosystem. What you may have missed, however, is that Google ATAP discussed Project Abacus in a low-flying announcement. This was initially unveiled at Google I/O 2015, where the software giant described its ambition to take the pressure of password logins off the user.
Project ATAP is based on your “Trust Score”, which is collected using all the various sensors on your device. This includes measurements such as your typing patterns, your location, facial recognition, and other things that help your phone know that you are YOU.
This system of using biometrics would replace the current two-factor authentication, which uses an identifier, such as your password or phone number (verifying your ownership of the device). A system like Project Abacus is already present in Android, called Smart Lock, which uses either your location or connected devices (trusted places and devices) to determine whether or not you’ll have to enter a password to get in your phone.
All of the ideas in Project Abacus have been implemented into something called the “Trust API”, which is about to enter testing with large financial institutions and eventually every Android developer. Once it’s available, both apps and the OS will work together to determine how high your trust score should be for you to forego the password.
The Trust API is a huge step in mobile security, since your device will be able to identify who is holding the phone and whether or not it is you. If someone steals your device, it can just lock down all your apps so these people can’t get unauthorized access to your accounts.