Google Chrome Android app is now reportedly being used as a 2-Step Verification (2SV) or 2-factor authentication (2FA) method for signing in to a new device. Till now, Google offered a few ways to verify a user, which included Google prompts, voice or text messages, backup codes, and an authenticator app. Google Chrome now seems to be the latest addition to the list. It is a bit different from the regular Google prompt notification method as it mentions a “nearby device” which means it is using GPS to locate the user and the device.
According to a report by 9to5Google, Chrome on Android is now being used in 2SV to verify a user's identity. The publication notes that when logging in to a laptop with your Google credentials, the user will receive a prompt on their phone asking if they are trying to sign in — as is the case with the regular Google prompts — but the next step where the verification process takes a bit to verify the user is actually using Chrome instead of Google Play Services.
It seems like Google is using GPS to locate the user and the device they are trying to sign in to as the prompt now shows “Someone is trying to sign in to your account from a nearby device” — ‘nearby device' being the differentiating factor between this and the regular Google prompts. The report adds that Google is using caBLE (cloud-assisted Bluetooth Low Energy) as well as requiring a user to be signed in through the same account and have Chrome Sync enabled.
This feature has not rolled out to a wider base just yet and 9to5Google claimed to have tested it out on Chrome 93 beta on Android and Chrome version 92 for macOS.
2SV or 2FA adds another layer of security that goes beyond just entering your password. It can protect your account in case someone else gets access to your password by requiring an additional step to verify who is actually trying to log in.