Google wants to kill off passwords for logging into your Android smartphone

Google's 'Project Abacus' wants to replace passwords and pins with biometric logins -- and banks will do the initial testing soon.
Written by Danny Palmer, Senior Writer

Google believes biometrics could be the answer to password-free logins on Android.

Image: CNET/CBS Interactive

Google believes it can eliminate the tedium of having to enter a password for your smartphone, and banks will be the first to trial this experimental login method, with plans for a more general scheme to be rolled out to others by the end of the year.

"We have a phone, and these phones have all these sensors in them. Why couldn't it just know who I was, so I don't need a password? I should just be able to work," said Dan Kaufman, head of advanced technology and projects at Google, speaking at the company's I/O developer conference.

What Google is doing -- in a scheme known as as Project Abacus -- is working on a system which replaces using a password or PIN to unlock the phone with one which uses biometric data and other information.

Google is working to develop the Trust API, which determines a 'trust score' using data such as location, facial recognition, and typing patterns to determine if the user is indeed who they say they are, then allowing them access to the required applications if the criteria is met.

The theory is that the Trust API will always run in the background of your phone and that access to applications which contain more sensitive information -- such as bank accounts -- would require a higher trust score to be met for the user to be logged in, but still without the need for entering a password.

"What we're going to do with this is be able to get rid of the awkwardness of second-factor authentication," said Kaufman, referencing how people often become annoyed when they have to enter two stages of passwords and PINs.

Google is keen to introduce password-free logins for Android users as soon as possible and Kaufman detailed how "several very large financial institutions" will perform the initial testing of Trust APIs before -- assuming the trials go well -- the system "should become available to every Android developer around the world by the end of the year".

Eliminating passwords with biometric identification sounds like a good idea in practice; especially given how data leaked from the LinkedIn hack demonstrates that many users still use extremely poor passwords, potentially putting them at risk of data theft, financial losses and more.

Read more on biometrics

Editorial standards