New Google Play Biometrics Warning Issued To All Android Users
Google is sending emails to users notifying them about upcoming changes to the security settings for purchase verification on mobile devices. These changes will be implemented in the coming weeks and aim to enhance the security of Google Play purchases. The changes follow a recent verification update for Google Wallet users. Within that email, though, is a warning for all users looking to verify purchases using biometrics on their smartphone.
04/20 update below. This article was originally published on April 18.
Google Makes Changes To Google Play Biometric Verification
On the afternoon of April 18, I received an email from Google informing me that it’s possible to configure Google Play purchase verification to use biometrics on suitably equipped smartphones. “If you set biometrics,” the email stated, “it means that you’ll be asked to verify that it’s you with biometrics each time that you make a purchase through Google Play.”
These settings, Google said, “only apply to purchases made through Google Play’s billing system.” When enabling the purchase verification biometric option, your Google Account password will no longer be required to confirm the configuration change. Instead, your fingerprint or face will be used.
Use Caution If Your Kids Have Their Fingerprints On Your Phone
This new Google Play email warns that the changes will be rolling out in the coming weeks and that Android owners should use caution if storing biometrics of children or others on their devices. “If you share your device and choose biometrics as your verification method,” Google said, “ensure that you’re comfortable with all biometrics stored on your device being used for verification.” Otherwise you could be leaving the door open for anyone with those fingerprints or faces stored on your phone being able to pass purchase verification protections.
Google Wallet Gets More Like Apple With Tap-To-Pay
This follows recent news reports that new security settings for Google Wallet will also enable biometric verification as a requirement for every purchase. The verify it’s you alert will also pop-up if using Wallet three minutes after you unlock your device. This will sound familiar to iPhone users as Apple Pay requires authentication before any tap-to-pay transaction. Android users will be able disable verification when using the default transit card, even if the phone is locked.
04/20 update: As technology companies such as Google continue to push towards primary biometric authentication, we must ask ourselves whether the general public is truly comfortable with this approach. While some may be biased towards biometrics because of the benefits they bring over traditional passwords, we must also consider other factors. Biometrics are often used as a second factor in authentication, with our devices relying on our faces or fingerprints to grant access. However, just because we may be content to use biometrics to unlock our smartphones, this does not necessarily mean we want to use them for other purposes, such as logging into our bank accounts or making purchases online. It’s crucial that we examine the statistics to determine how consumers truly feel about biometric authentication.
A 2016 YouGov survey of adults in the U.S. found that 58% preferred passwords over fingerprints or facial recognition. Fast-forward to now and when NordVPN asked U.K. and U.S. residents about their biometric usage it found “50% of U.S. respondents still use at least one biometric technology (fingerprint, face, or eye scan) daily.” What’s more 29% don’t use any biometric technology at all. All of this tends to suggest there’s still a way to go to convince the average user of the security benefits biometrics can bring.