Google’s New Restore Credentials Tool Simplifies App Login After Android Migration

Google’s New Restore Credentials Tool Simplifies App Login After Android Migration

Technology

Nov 25, 2024Ravie LakshmananMobile Security / Privacy

Google’s New Restore Credentials Tool Simplifies App Login After Android Migration

Google has introduced a new feature called Restore Credentials to help users restore their account access to third-party apps securely after migrating to a new Android device.

Part of Android’s Credential Manager API, the feature aims to reduce the hassle of re-entering the login credentials for every app during the handset replacement.

“With Restore Credentials, apps can seamlessly onboard users to their accounts on a new device after they restore their apps and data from their previous device,” Google’s Neelansh Sahai said.

The tech giant said the process occurs automatically in the background when a user restores apps and data from a previous device, enabling apps to sign users back into the respective apps without requiring any additional interaction.

Cybersecurity

This is accomplished by means of what’s called a restore key, which, in reality, is a public key that’s compatible with FIDO2 standards such as passkeys.

Thus when a user signs in to an app that supports this feature, their restore key is saved to the Credential Manager locally on device and in encrypted format. Optionally, the encrypted restore key can also be saved to the cloud if cloud backup is enabled.

Should they transition to a new phone and restore their apps, the restore keys are requested as part of the process, allowing them to automatically sign in to their account without having to re-enter their login information.

“If the current signed-in user is trusted, you can generate a restore key at any point after they’ve authenticated in your app,” Google instructs app developers. “For instance, this could be immediately after login or during a routine check for an existing restore key.”

App developers are also recommended to delete the associated restore key as soon as the user signs out to avoid them getting stuck in a never-ending loop of signing out intentionally and automatically getting logged back in.

Restore Credentials Tool

It’s worth noting that Apple already has a similar feature in iOS that leverages an attribute called kSecAttrAccessible to control an app’s access to a specific credential stored in the iCloud Keychain.

“The kSecAttrAccessible attribute enables you to control item availability relative to the lock state of the device,” Apple notes in its documentation.

Cybersecurity

“It also lets you specify eligibility for restoration to a new device. If the attribute ends with the string ThisDeviceOnly, the item can be restored to the same device that created a backup, but it isn’t migrated when restoring another device’s backup data.”

The development comes as Google shipped the first Developer Preview of Android 16 with the latest version of the Privacy Sandbox on Android and an improved Privacy Dashboard that adds the ability to view which apps have accessed sensitive permissions over a seven-day period.

This also follows the release of the updated Android Security Paper, which delves into the operating system’s suite of built-in security capabilities, including features like theft protection, private space, sanitizers, and lockdown mode, which aims to restrict access to a device by turning off Smart Lock, biometric unlocking, and notifications on the lock screen.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.

Read original source here.

Products You May Like

Articles You May Like

Dodger Stadium is hosting a dog adoption – NBC Los Angeles
Inside Crown Northampton Sneakers and Boots: A 116-Year Family Legacy in Every Stitch
Why Europe’s trade deal with South America is so controversial
Stephen Wilson Jr. Says Willie Nelson Is His Hero: “He’s The GOAT… I Basically Steal Everything From Willie”
Nordstrom to go private in $6.25 billion deal with founding family