Google Turns Android 7+ Phones Into FIDO2 Devices

Google is continuing its pioneering effort to integrate FIDO2 into its various Android platforms. The FIDO Alliance has announced that any phone running Android 7+ can now be used as a FIDO2 security key to log into a Google account.

The news comes only two months after the entire Android platform received FIDO2 certification, and indicates that Google wants to remain at the forefront of the password-free movement. At the moment, Android 7+ phones can only be used to log into Google accounts, but the company plans to offer support to all FIDO2-compatible services in the not-too-distant future.

In the meantime, the Android 7+ news is noteworthy because it marks the first use of the FIDO2 Client to Authenticator Protocol (CTAP) with a mobile device. FIDO’s WebAuthn recently became an official web standard, and allows developers to integrate FIDO authentication into apps, web browsers, and other platforms to facilitate password-free logins. CTAP essentially allows a mobile device like an Android 7+ phone to talk directly to those platforms, turning the phone itself into a security key to offer even greater utility.

That’s why other companies are likely to follow in Google’s footsteps and take advantage of FIDO2’s CTAP capabilities. The FIDO Alliance’s post-password technology is gaining more traction with every passing year, and that trend will continue as long as key players like Google and Samsung continue to offer such enthusiastic support.