Here's how Android Identity Check will start taking advantage of your smartwatch (APK teardown)
TL;DR Identity Check offers an extra layer of protection when someone steals both your phone and your PIN.
By requiring biometrics, Identity Check attempts to limit the harm bad actors could do.
Google is working to let you bypass that biometric requirement when your device is connected to a trusted smartwatch.
We all want our devices to be secure, but practical considerations mean we're often striking a balance between security and convenience. That's not a bad thing at all, as we don't always need to be taking advantage of every security protection available to us, and systems like Android's Identity Check are built for just this reason, letting us get away with just using a PIN or biometrics when we're at home, but beefing up security and insisting on both when outside a trusted location.
Just last week, we looked at one way Identity Check could soon be changing, with the tool evolving to recognizing the presence of your connected smartwatch. At the time it wasn't yet clear exactly how the watch would alter Identity Check's behavior, but now it's starting to come into focus.
⚠️ An APK teardown helps predict features that may arrive on a service in the future based on work-in-progress code. However, it is possible that such predicted features may not make it to a public release.
Identity Check is designed to help save your bacon when you're in just about the worst situation: someone else not only has your phone, but they also have your PIN. Maybe they shoulder-surfed while you were unlocking the phone, or used threats to get you to reveal it, but Identity Check is built to assume that your PIN's been compromised. That's exactly why it also insists upon biometric authentication when trying to access saved passwords or change critical security settings from anywhere other than a trusted location.
Here are the strings we spotted last time we looked:
Code Copy Text With your watch connected, Identity Check automatically recognizes you while maintaining your security even when you're not in a trusted location Protection on the move with watch
Those made it clear that Google's working on a way for Identity Check to use the presence of a paired watch as a signal of trust, just in the way a location already can. But what we didn't have at the time was confirmation of how Identity Check would work differently when it sensed your watch.
Looking through the new 25.31.30 beta release of Google Play Services, we've spotted an additional string that provides some answers:
Code Copy Text Outside of trusted places like your home • If you have a connected watch, you can use either biometrics or your PIN • If you don't have a connected watch, you'll be required to use Fingerprint or Face Unlock
There we go: When you're using Identity Check with a smartwatch it recognizes, you'll be able to bypass the need to enter a PIN, even when away from home. Basically, it's like two-factor authentication, and you've got to choose any two of the three: PIN, biometrics, or the presence of your watch.
We supposed it is conceivable that someone manages to learn your PIN, steal your phone, and also take your smartwatch, so hopefully there's a setting to choose whether or not we want to take advantage of this option once it finally arrives.
Follow
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
The Verge
2 minutes ago
- The Verge
AOL is finally shutting down dial-up
AOL dial-up is ending on September 30th according to a statement posted on the company's website. It marks the end of the service that was synonymous with the internet for many since its launch some 34 years ago. 'AOL routinely evaluates its products and services and has decided to discontinue Dial-up Internet,' reads the statement by the Yahoo-owned company. 'This service will no longer be available in AOL plans. As a result, on September 30, 2025 this service and the associated software, the AOL Dialer software and AOL Shield browser, which are optimized for older operating systems and dial-up internet connections, will be discontinued.' You might be surprised that the service was still operating. I'm not. At last count, a 2019 US census estimated that 265,000 people in the United States were still using dial-up internet, just a few years after I wrote this: As a septuagenarian, my father's story was typical of long-time AOL dial-up subscribers. His subscription was a security blanket. He was sure he didn't need the dial-up component, but he didn't want to risk losing access to his stock portfolio, investor forums, and email. His setup worked, and he could afford to keep paying the subscription he had dutifully paid for over a decade. With my help, we were able to migrate everything he used on AOL to the ad-supported and open internet that was already being delivered into his house via the broadband component of his cable package. Even after things were fully mirrored, he still felt trepidation when the time came to pick up the phone and terminate his dial-up account (despite AOL's best attempt to obscure and complicate the procedure). Months later he told me he felt silly for letting the ruse go on for so long. Reading that now and I'm struck to think that the end of AOL dial-up arrives at the same time as Google Zero and the end of the ad-supported from this author will be added to your daily email digest and your homepage feed. See All by Thomas Ricker Posts from this topic will be added to your daily email digest and your homepage feed. See All Culture Posts from this topic will be added to your daily email digest and your homepage feed. See All Entertainment Posts from this topic will be added to your daily email digest and your homepage feed. See All Internet Culture Posts from this topic will be added to your daily email digest and your homepage feed. See All News Posts from this topic will be added to your daily email digest and your homepage feed. See All Tech
Forbes
2 minutes ago
- Forbes
New Android Spyware Warning—Stop Using All These Apps Now
Security researchers have just issued a stark warning for hundreds of millions of Android users, as a 'frightening' new spyware threat has been discovered hiding on phones. They describe this as a 'special case' and urge users to take action now. The warning comes courtesy of Kaspersky, which has 'discovered a new malware campaign targeting Android users.' This 'spy' targets smartphones 'through messengers' by pretending to be an antivirus or banking security app. The attackers, Kaspersky says, are preying on the 'fear' of smartphone security threats that means 'many folks are ready to install any app that promises reliable protection from malware and scammers.' Ironically, this solution is actually the problem. When you install one of these apps, 'the fake antivirus imitates the work of a genuine one — scanning the device, and even giving a frightening number of 'threats found'.' In reality, this is the threat now 'spying on the owner of the infected smartphone.' The malware itself is LumaSpy, which can access your phone's microphone and camera to record audio and video, read all your texts, access your contacts, track your precise location and record whatever you are doing on screen. The malware has also been coded to steal photos stored on your phone, but this has not been enabled as yet. Critically, LumaSpy can be tasked to steal passwords stored in browsers, including Google Chrome. That's why I have warned users to delete passwords saved in browsers and use a dedicated, blue-chip password manager instead. LumaSpy will come at you via messages. 'Never download APK files from messengers,' Kaspersky says, 'even if they were sent to you by close friends. Better yet, disable the ability to install unknown applications,' which is easily done with Google's new Advanced Protection Mode in Android 16. The other key advice relates to Accessibility Services, the special permissions many malware-laced apps request to access sensitive data and functions on your phone. You should check the permissions granted to apps regularly and disable these in particular. The simplest advice, though, is to stop using any security or antivirus software on your phone unless it comes from a mainstream developer and ideally is paid for in some way. Stop using any that are not, and delete all of them from your phone.
Yahoo
29 minutes ago
- Yahoo
"Long Magnificent 7" once again world's most crowded trade, BofA survey finds
LONDON (Reuters) -Owning big U.S. tech stocks is once again the most popular trade, according to BofA's monthly fund manager survey, as upbeat earnings and improved sentiment towards the global economy send investors back into stocks. 45% of the 169 participants in August's survey, who have $413 billion in assets under management, said they thought the most crowded trade was "long Magnificent 7", a group of large U.S. tech stocks, including Nvidia and Microsoft. Strong earnings have helped big tech stocks to bounce back sharply since their tariff induced selloff in April. They were last seen as the most crowded trade in March, the survey, which was released on Monday, showed. Broad investor sentiment improved in August, with just 5% of asset managers positioning for a hard landing, characterised by a sharp slowdown in economic growth. A net 14% of those surveyed were overweight global equities, the highest since February, though still down sharply from net 49% overweight in December. Errore nel recupero dei dati Effettua l'accesso per consultare il tuo portafoglio Errore nel recupero dei dati Errore nel recupero dei dati Errore nel recupero dei dati Errore nel recupero dei dati
