Google Aims to Kill Passwords with Project Abacus

Google wants to kill passwords with Project Abacus, which Google said will become available on Android devices by the end of 2016.

Google wants to kill passwords. And the weapon it wants to use is called Project Abacus, which Google said will become available on Android devices by the end of 2016.

The way Project Abacus works is that instead of relying on passwords or two-factor authentication to open your Android phone, your device will instead authenticate you based on how you used your device.

According to Daniel Kaufman, head of Google’s Advanced Technology and Projects, the way Project Abacus works is it monitors how individuals use their phone from keystroke speed, pattern of speech, location, rhythm of your walk, facial features, the way you swipe open your phone and anything else your phone can sense that can be used to create what’s called a Trust Score to prove your identity.

If a stranger steals your phone, the idea is, the phone’s sensors would identify unusual user behavior. Next, the dynamic Trust Score for your phone would suddenly plunge and the phone would log out of any open accounts on the phone or just remained locked.

“We have these phones and these phones have all these sensors in them. Why couldn’t it just know who I was, so I don’t need a password?” Kaufman said at last week’s 2016 Google I/O conference. He said that over the past year Google has created a Trust API that will be rolled out in June to beta customers and if all goes well will be rolled out for all Android users before 2017.

Of course the quid quo pro is that Google gets to snarf-up even more data about you. But Google has said the sensor data used to generate the Trust Score would be locally processed and not sent to the Google cloud to be added to your digital dossier it has of you.

The project was originally introduced at last year’s Google I/O conference. At that time Regina Dugan, a Google senior executive, said the Trust API would be used for locking and unlocking your phone as well as opening apps. She claimed the system is tenfold more secure then fingerprint sensors and 100x safer than 4 digit PIN codes.

The idea is not novel. Apple has its own password-killing tech with its TouchID and Microsoft has its Windows Hello biometric system introduced with the Windows 10 operating system. This is also not Google’s first time at the password rodeo either.

Google officially launched Smart Lock at last year’s Google I/O conference. Smart Lock is a password manager for Android and Chrome users that saves credentials on one devices for later use on all other supported devices and services.

According to Google, 70 percent of users forget their passwords once a month. Add that to another Google stat that estimates that on average it takes 2.4 attempts to guess a correct a password before we get it right.

Suggested articles

biggest headlines 2020

The 5 Most-Wanted Threatpost Stories of 2020

A look back at what was hot with readers — offering a snapshot of the security stories that were most top-of-mind for security professionals and consumers throughout the year.


  • Dave Lessnau on

    " monitors how individuals use their phone from keystroke speed, pattern of speech, location, rhythm of your walk, facial features, the way you swipe open your phone..." So, if you get in an accident (especially involving your hands), you're SOL and can't log in to anything?
    • Fred Dickey on

      Maybe the phone will know you have been in n accident. Mine knows when I am in my car even if I am not moving. I was digging around in the parked car for something the other day and got a text and the text to voice feature was already active even though I was just sitting their with the car turned off. I suspect it either collaborated with the Verizon Hum device in my car or Google GPS simply paid close attention to where I parked earlier that morning.
  • Steve on

    The concept is interesting. I use Android and love it, I am in the enterprise software business not the app business. I used my finger print for years without a problem, then I cut my finger and could not open my phone, it had been over two years since I set up the backup password. I hate to admit I could not remember or find it. Had to wipe my phone. Since I am in the biz, I only blame myself, but think there should be at least 3 ways to unlock if the biometrics fail!
  • Clint Marsden on

    There is always a contingency for biometrics for these cases. You may be able to unlock the device using your voice, or secret questions etc until you can reconfigure it.
  • Cherian on

    What happens when there is an accident and you can not replicate the usual physical behavior? These kind of emergencies are a primary reason for many to carry the mobile phones.
  • John on

    Interesting but the privacy implications are disturbing to say the least!
  • Rsorlando on

    And google snoop Inc, AKA Big Brother, now has an insight into our most personal traits and activities! What a fantastic idea! So another big fat database grows on all of us to be mined and sold to the highest bidder, not to mention our political activities, locations, and the black lists the "State" will surely amass! Google: The wonderful guys who care less about their users and who works in close contact with Barry Sotoro, and works closely with the Chinese government to keep track of and report illegal political activities of Chinese citizens to the red Chinese Maoist/communist government! In my opinion. No flippen way! Thanks anyway gargoyle.
  • LAA on

    before long, the NSA (police state agency) will know your whereabouts on a moments notice... No thanks

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.