A good part of the 100 key announcements Alphabet made at the Google I/O conference was around security and privacy, and for good reason. The tech giant also addressed concerns about its misuse of user information. Below, we have compiled the top security-related announcements made at Google’s flagship conference.
Protected Computing
Google’s new technology, Protected Computing, comprises new tools to help users protect themselves better online. The tech uses end-to-end encryption to protect user data from everyone, including Google. Protected Computing allow users to remove personally identifiable information from Google Search results. Google de-identifies user data by blurring and randomising identifiable signals, adding statistical noise, and using anonymisation techniques to strip identity from data. “If you find search results that contain your contact details, such as your phone number, home address, or email address that you want taken down, you can easily request their removal from Google Search. Of course, removing this information from Google Search doesn’t remove it from the web, but this is an important step in helping to protect people online,” said Danielle Romain, VP of Trust at Google.
Additionally, users can also minimise their data footprint. “Leveraging techniques like edge processing and ephemerality, we shrink the amount of your personally identifiable data,” said Google. In addition, the technology uses randomisation methods to obscure links between a user’s identity and data. The feature will be available in the next few months in the Google App.
Account safety status
Google is also bringing the safety status notification system to Google apps. For instance, users will see a yellow alert icon on their profile picture in apps, an indicator that they need to improve their security and better protect their information.
Two-step verification
Last year, Google rolled out two-step verification for 150+ million accounts. The tech giant intends to auto-enrol people for two-step verification and further boost their security and reduce phishing risks. “Our specialised teams, the Threat Analysis Group and Project Zero, counter serious threat actors and detect vulnerabilities across the internet. Last year, the Threat Analysis group detected that over 40,000 users were being targeted by government-backed actors. We automatically alerted everyone and increased protections and blocked attacks,” said Jen Fitzpatrick, SVP, Core Systems & Experiences at Google.
Password free future
Google is on a quest to usher in a passwordless future. Along with auto-enrolling users in two-factor authentication, Google has joined the FIDO Alliance, an illustrious group comprising Microsoft and Apple, to phase out passwords on websites and apps.
Virtual credit cards
Google also announced the plan to offer virtual credit cards for the Chrome browser and the Android OS. The technology substitutes a virtual credit card number for the actual number stored on the browser. Further, it will be recognised and processed by retailers without checking the real number. This means hackers would only get a bogus virtual number. “In the event of a data breach, the virtual card number can be replaced, and you won’t have to deal with replacing your physical card. Apple has the same type of feature for the Apple Card,” explained the team.
Ad center
Google is all set to give people more control over the ads they see. My Ad Center allows users to decide which ads they see on YouTube, Search and Discover Feed. You’ll be able to choose the types of ads you want to see — such as fitness, vacation rentals or skincare — and learn more about the information we use to show them to you.
Phishing protection for Google Workspace
Google is also expanding their phishing protection services to Google Workspace; Google Docs, Slides and Sheets. “Every day, Gmail and messages by Google block more than 15 billion spam and phishing messages. Google Play now scans 125 billion installed apps for malware, making the entire app ecosystem safer. Our safe browsing technology, built into Chrome and other major browsers now protects five billion devices from risky sites. Detecting and blocking threats at this scale every day makes our AI-powered protection second to none and enables our teams to identify new areas to safeguard,” said Fitzpatrick. “Soon, if you’re working in a shared doc that contains a suspicious link, we’ll automatically alert you and take you back to safety.”
Google has also committed USD 10 billion to modernise vulnerable systems and infrastructures, secure the software supply chain, and train 100,000 Americans in digital skills, including data privacy and cybersecurity through the Google Career Certificate Program.
“Our engineers have pioneered and open-sourced numerous privacy-preserving technologies, including Federated Learning and Differential Privacy, which we made more widely available earlier this year when we started offering our Differential Privacy library in Python as a free open-source tool — reaching almost half of the developers worldwide,” Google stated.