Announced at last year’s Google I/O, Project Abacus works by accumulating data about you such as the particular times and locations you might use an app, as well as your voice and face to derive a Trust Score. This Trust Score is then used to determine if it’s indeed you. If so, you won’t have to enter a password, and if not, well, you get the gist. Financial apps would require a very high Trust Score, while games and such wouldn’t be as stringent.
Engineers in Google’s search and machine intelligence teams created the Trust API, which will be tested at select banks starting in June. If all goes well, it’ll get released to all Android developers by the end of the year. As many as 33 universities across 28 states already ran trials last year.
Google has dabbled in this area with Smart Lock, which was introduced in Android Lollipop. It allows you to automatically unlock your
The problem with passwords is that people don’t remember them, so they tend to use simplified passwords. To make matters worse, most people will use the same password for multiple accounts, making them more vulnerable to attacks. Some have resorted to using password manager apps that automatically type passwords for you, but they can be a pain to set up. Google’s plan is to make things simpler, but even more secure than today’s standards.
“We have a phone, and these phones have all these sensors in them. Why couldn’t it just know who I was, so I don’t need a password? It should just be able to work,” said Kaufman at a developer session last Friday afternoon at Google I/O.
By bringing the Trust API to the app level, it will further protect app data from a stranger that who able to successfully unlock your device. Each app would determine that the user wasn’t you and would require a password to gain access.
From what we can tell, it doesn’t appear that Google will need to release a new version of Android for the Trust API to work, since it’s mostly at the app level. This means that it should work on older versions of
