Google says passkeys can help secure elections around the world

Google Passkeys sign in
(Image credit: Future)

Google is extending its passkeys work in a bid to boost security across the world ahead of a series of major elections, including the US presidential race, scheduled in 2024.

In a blog post, the search giant revealed it will soon support the use of passkeys to enroll in its Advanced Protection Program (APP), a Google security offering designed for high-risk individuals such as journalists, human rights workers, or presidential candidates and campaign workers. 

“In a critical election year, we’ll be bringing this feature to our users who need it most, and continue to work with experts like Defending Digital Campaigns, the International Foundation for Electoral Systems, Asia Centre, Internews and Possible to help protect global high risk users," the company noted.

Malicious meddling

Previously, for APP, users needed a form of hardware security as a second factor, but soon, users will be able to enroll in APP with any passkey, in addition to their hardware security keys, Google explained. Furthermore, they will be able to use passkeys as a sole factor, or pair it with a password.

If you’re unsure why Google correlates passkeys with the US presidential elections, there were reports that state-sponsored threat actors from Russia, as well as other Russia-affiliated groups, influenced, or tried to influence, previous elections. They allegedly did it through social media campaigns and misinformation, often using stolen accounts in the process.

Google also revealed more third-party password managers are now leveraging passkey management APIs on Android, and other operating systems, and that the support for passkeys is growing throughout the industry.

It also said that the consumers responded in kind: “In less than a year, passkeys have been used to authenticate people more than 1 billion times across over 400 million Google Accounts,” the company said. “In fact, on a daily basis passkeys are already used for authentication on Google Accounts more often than legacy forms of 2SV, such as SMS one-time passwords (OTPs) and app based OTPs (such as Authenticator apps) combined.”

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.