During Google I/O, Dan Kaufman, Head of Google's Advanced Technology and Projects (ATAP) briefly talked about Google’s plans to replace passwords with a trust system. This trust system is built upon Project Abacus, and would use the various sensors in a phone to recognise the user via a Trust API. The company plans to use this technology to reduce the usage of second factor authentication. He added that the company is “going out to several very large financial institutions” this June for initial testing. If that goes well, the API would be made available to Android developers by the end of the year.
Project Abacus was first unveiled at Google I/O last year, and uses the many different sensors on a phone to track various things such as keystroke patterns, speech patterns and more, to know who is using the device. The idea behind the system is that humans aren’t too good at remembering passwords, and this system may eliminate the need to memorise any more.
Currently, two-factor authentication is the most common form of security that is used by most services. This system lets users add a secondary component that will be used to verify the identity of users. Phones are the most popular component in this system, and requires users to verify a phone number that will receive an authentication code needed to gain access to an account.