New Scientist (05/31/16) Sally Adee
Google wants to phase out password access to its Android mobile platform in favor of a trust score by 2017. The trust score would be based on a suite of identifiers, including the Wi-Fi network and Bluetooth devices connected to the phone, and biometrics such as typing speed, voice, and face. The phone's sensors will harvest this data continuously to keep a running count of how much it trusts that the person holding the phone is the registered user. A low score will be enough to open gaming apps, but a banking app will require a higher score. The technologies are part of a trend attempting to build more security and privacy into design, instead of making it the responsibility of the user. Authentication tasks can be arduous and time-consuming, leading many users to stick with common passwords such as "12345" or "password." Google hints it will be collaborating with major banks, but some institutions have begun to look into trust technology independently. University College London researcher Angela Sasse says one of the most interesting behavioral biometrics is keystroke recognition, and notes "behavioral biometrics have higher recognition rates and are more accurate than classic biological markers."