hi everyone my name is Vishnu and I'm a product manager working on identity at Google today I'll be talking about identity on Android and what's new in sign in
smartphones and computing devices are more important today than ever before and a critical part of being able to usethese is actually signing in to your apps and websites the sense of security everyone has in the Internet is based around passwords in their use and as you all know they're a flawed tool that creates many challenges user authentication can be a complex problem in order to provide
a personalized experience the first and oftentimes most important step is to sign-in let's take this app as an example you'll see various sign-in mechanisms and wonder did I use Google or another federated sign-in if you use email you might also wonder which email did I actually use and
once you get to entering your password you may not have any clue what it is and probably will just use the forgot password link and finally did I even have an account in the first place I've named several challenges and here are existing solutions for those Google sign-in
allows you to use your Google account to sign up or sign in smartlock is a frictionless way to save and retrieve passwords to sign in between Android and chrome and Android autofill is a low touch way to remember and fill-in passwords however there's still a gap and we'd
like to solve two key challenges first there's overhead on you as developers that are not knowing what to implement having to implement multiple solutions and making sure that they all work together smoothly you may not know which ones to prioritize and properly integrating all of these as a
challenge the second challenge we see is that despite our best efforts many users simply don't save their credentials federated and identity and password managers work great if the user chooses to use them but we see that many of them still choose to manage their own accounts they'll write
their passwords down in a document on a post-it note or try to memorize them and this could be for a variety of different reasons including not understanding or trusting these solutions or they just want to get into their account and not be bothered at the moment they're trying
to sign-in and unfortunately many these users end up resetting the same passwords or using insecure ones we heard your feedback on these issues and we're looking to make something better in order to tackle these issues and resolve them we've been working on one tap and block store part
of our new Google identity services library one tap is our new cross-platform sign-in mechanism for web and Android supporting and streamlining multiple types of credentials block store is our new token based sign-in mechanism that's built on top of backup and restore let me walk you through them starting
with one tap to start with there is a fragmented user and developer story as I mentioned our API is don't currently support multiple credential types requiring multiple solutions you also have to worry about making sure that these solutions use work together and make a good experience for your
users of course there's the constant problem of there being weak and reused passwords which are always a security concern users can drop off if they don't remember their password whether they use the password or a different mechanism or if going through the trouble of making an account stops
them in their tracks from using your app we'd like to solve these and make sign in and sign up with easy and secure and we're introducing one tap here's what it looks like users can be prompted to sign into your app with one tap upon app open they
can also sign back into the same account with just one tap signing up once signing in everywhere and supporting several types of credentials as well as cross-platform sign-in to get into some of the details new users can sign up with just one tap without being interrupted by a
signup screen users get a secure token based password list account with their app associated with their Google account on the passwords front you can annotate your field so that Android autofill can save it or we have an explicit password saving option with one tap all of these are
synced automatically returning users can sign into your app with one tap on any device whether they use a Google account or a password all these are available in the same interface to reduce friction and confusion for users and help them come back to the same spot they left
off we've already seen better conversion rates from those who implemented this API and we're really excited to see the benefit that it can bring to you moving on to how this unit the experience a user can sign up anywhere with their Google account through one tap and again
this can be right after app open allowing them to drop right into the action they can sign back and seamlessly when they come back users can also save their password anywhere with google weather during the signup step or otherwise on any Google platform these will be synced and
retrieved seamlessly with one tap when they come back to your app we're unifying the support of credentials on one interface and bringing it together the Android and web platforms as well we've launched one tap on both web and Android and you can find documentation with links on this
page we'd love for you to try them out and give us your feedback and we really hope you find them helpful now moving on to a deeper dive on blocks tour as we all know users need to sign into a ton of apps on day one of using
a new Android device this is true on phones TVs cars and other platforms too and as I said before many users choose to manage their own credentials the combination of these two things can lead to a really frustrating first date experience as people have to remember the credentials
they use for each one of their apps ultimately this friction can lead to some users not re engaging with your apps on a new device how can we help these users make sure they get back into your app with minimal friction that's why we're introducing blocks tour blocks
tour is a new API that provides a way to save user credentials without the friction or some of the security risks associated with saving user passwords here's how it works when the user signs into your app or anytime afterward you can save the authentication token that you generate
for that user to block store and since this is app specific data no consents need to be shown that would slow the user's progress while they're trying to get into your app once you save the token with block store the token is encrypted and stored locally on the
device if the user has cloud backup enabled the token is end-to-end encrypted and also stored in our cloud the data is opaque to Google and you can format your data in any form that your app and server can understand later on when the user returns to your app
on a new device if they go through either a device a device or cloud restore flow block star will retrieve your token the user has already agreed to restore your app data as part of the restore flow so no additional consents are required when the user opens your
app you can request your token and use it to keep the user signed in on the new device they don't even have to see a sign-in screen here's a recap of what block store provides it's a secure end-to-end encrypted credential storage solution for developers it reduces some of
the risks associated with saving plaintext passwords by allowing you to save encrypted tokens instead and it eliminates friction from sign and flows by leveraging the users backup and restore preferences we're hoping to start an early access program by the end of this quarter so please reach out to
us at the following email address if you're interested in joining we'd love to have you so now to bring it all together here is our updated guidance with our new solutions if a user signs up or signs in for the first time you can sign the user up
or in seamlessly with one tap if a user prefers to use a password manager you can annotate your field so that credentials can be auto filled you can also choose to implement the saved password feature of one tap if a user buys a new phone you can eliminate
signing friction with block store one tap sign-in today covers Google accounts and passwords and will also support block store token retrieval by the end of this year so to wrap things up one tap and block store will be part of the unified Google identity services library called GIS
block store tokens will be retrievable using one tap and Google sign in' and smart lock for passwords will be replaced by GIS we hope this library helps bring better sign in and sign up flows to your users and helps make things easier for you if you have any
feedback we'd love to hear we're listening and are here for you thank you [Music]
Nhận xét
Đăng nhận xét