Security

How Google is helping you stay safe and secure with your passwords

Can never be too safe

Published

on

Google Security

The internet has played a big part in making people’s lives easier and more convenient–from connecting people through emails and social media, online shopping, banking, entertainment and more.

All users have to do is to create accounts for various programs online, which means using their main email addresses and crafting strong passwords to ensure safety.

Nowadays, creating passwords can still be a hassle, that’s why some people resort to easy-to-remember yet vulnerable passwords or keep the same password across all platforms. These may still pose a threat and lead to security risks which can compromise a person’s privacy, their documents, data, and money online.

This is why Google is developing products that are secure to keep people safer online in a way that’s more convenient for them. In celebration of Cybersecurity Awareness Month, here are all the ways Google is making people’s sign-in safer.

Safe and seamless log-ins with Google’s Password Manager

Every day, Google checks the security of over a billion passwords to protect accounts from being hacked. The tech giant has a Password Manager, which is built directly into Chrome, Android and the Google App.

This uses the latest security technology to keep passwords safe across all the sites and apps. It also makes it easier for people to create and use strong and unique passwords on multiple devices, without the need to remember or repeat each one.

On iOS, people can select Chrome to autofill saved passwords in other apps, too, allowing people to sign-in with just one tap. Chrome is also planning to have iOS adapt the same strong password generation feature, similar to how Autofill with Google works on Android today.

A new feature will also be rolled out in the Google app that allows people to access all of the passwords they’ve saved in Google Password Manager right from the Google app menu.

These enhancements are designed to make your password experience easier and safer across the web, minus the hassle of having to note down or remember different passwords for different accounts like Facebook, Twitter, Instagram, Spotify, Netflix, Canva and more.

Enrolling in Two-Step verification 

As attackers still persist in hacking or obtaining illegally what they could, adding a second form of authentication which serves as an extra layer of protection dramatically decreases the chances of getting compromised.

For years, Google has been at the forefront of innovation in two-step verification (2SV), one of the most reliable ways to prevent unauthorized access to accounts and networks.

Two-step verification is strongest when it combines both “something you know”–your password–and “something you have”–like your phone or a security key.

To make 2SV more convenient, a Google prompt will now allow people to simply tap on their mobile devices to prove it’s really them trying to sign in, which guarantees virtually 100% safety provided user’s devices, like their phones, are taken good care of.

Google has also stepped its game when it comes to two-factor authentication, as it has begun automatically configuring people’s accounts into a more secure state.

By the end of 2021, Google plans to auto-enroll an additional 150 million Google accounts in 2SV and require 2 million YouTube creators to turn it on—basically making all Google-related accounts more secure across all its services and products.

At the moment, only Google accounts that have the proper backup mechanisms in place are being auto-enrolled to 2SV. To make sure your account has the right settings in place, take our quick Security Checkup.

Adding security keys into devices

Another innovation Google takes pride in is its security key—a form of authentication that requires people to tap their key during suspicious sign-in attempts.

Say for example, you logged in your GMail into a new device, Google will automatically send a message to your existing device, say a phone, to ask you whether it was you signing in or not.

All you have to do is press either yes or no, or in some cases, Google will ask follow-up questions to make sure nothing gets compromised.

By default, only you can access these prompt-up messages since only you have the control over your phone or your other devices.

Security keys provide the highest degree of sign-in security possible. In fact, Google has partnered with organizations to provide free security keys to over 10,000 people this year who might be vulnerable when it comes to their online security.

Security keys are accessible, as they are built right into Android phones and Google Smart Lock app on Apple devices.

Today, over two billion devices around the world automatically support the strongest, most convenient 2SV technology available.

Towards a safe and secure future

Google recently launched One Tap along with a new family of Identity APIs called Google Identity Services which uses secure tokens, rather than passwords, to sign people into partner websites and apps, like Reddit and Pinterest.

It combines Google’s advanced security with easy sign in to deliver a convenient experience that keeps people safe.

These new services represent the future of authentication and protect against more advanced vulnerabilities like clickjacking, pixel tracking, and other web and app-based threats.

Ultimately, Google wants everyone to have an easy, seamless sign-in experience that includes the best security protections across all of their devices and accounts.

Features

Why I trust Samsung’s Knox security

A nod to the security platform that makes me feel safe and protected

Published

on

A smartphone is like a treasure trove in the age of the Internet. Filled with confidential information for personal and business use. A gold mine of data that can be used by big companies to improve technology. Or an opportunity for hackers and criminals to steal and sell as valuable resources.

I’m no stranger to discussions about cybersecurity and data privacy, even though my himbo veneer begs to differ. Two years ago, I attended a conference mounted to discuss the importance and value of data as a commodity in this era.  I learned what technology giants like Samsung and Huawei are doing to protect the new currency of the digital age.

Coming full circle, cyberattacks have increased in the past two years. Samsung knows this all too well, bringing Knox Platform to the front — end-to-end protection they have had for several years already.

The ultimate defense

In 2019, I was lucky to be given an audience with the South Korean giant executives to learn and discuss what Knox is. Samsung Philippines’ Product and Solutions Manager Anton Andres explained how Knox Platform works, and how it sets them apart from other brands when it comes to Android security.

Knox was just a security platform that automatically encrypts and decrypts information every time you boot up the device.

It’s embedded on a Galaxy smartphone or any smart device marketed with Knox’s security during a secure supply chain, offering real-time protection to actively safeguard devices against data attacks or malware.

Any unauthorized attempts to access your phone’s core are blocked in real-time. Even a device as old as a Samsung Galaxy S8 was compromised and reset, Knox automatically blows the fuse to wipe your corporate or personal info. Therefore, preventing any data leakage and security risks.

Knox also lock-up apps containing sensitive data such as Samsung Pay, Samsung Pass, Secure Folder, or Samsung Health — especially when the smartphone was booted in an unapproved state.

Samsung Galaxy Watch4 | Samsung Health

Apart from the platform security, the South Korean company delivers solutions like Knox Manage and Knox Configure — services that let enterprises customize Galaxy smartphones and tablets, as well as control the device and user interactions for safety and security.

Keeping your network safe

Aside from my interview with Andres, I was also able to speak with David Kim, Samsung Mobile B2B Asia’s Corporate VP and Chief Revenue Officer.

Kim stated how important your network is, and how you can only control the hardware, software, and who access the phones. The executive added, “There are also Wi-Fi and networks. If someone can sneak in your network, they can sneak in your email.”

Public Wi-Fis are one example of an unsafe network that might compromise your security. Free Wi-Fi sounds nice. You’re not going to spend a single dime. But it’s also a pot of gold for hackers trying to steal data — personal information such as your credit card purchases.

I haven’t connected to public Wi-Fi for more than three years due to the awareness of the risks it poses to my security. And because I’m privileged enough to buy large data allocation for my Internet use and have consistent network signal.

But not everyone is in the same position like I am. Luckily, Samsung gives you the capability to encrypt outgoing internet traffic and disable tracking apps and websites.

With a Galaxy smartphone, you can activate Secure Wi-Fi so you can browse the internet safely on public wireless connections without fear of security breaches.

Handling your sensitive data

Some people have poor privacy habits: Using the same passwords across different platforms. Admittedly, I was once like that. But using Samsung Pass throughout the years helped me easily access my credentials. Without needing to remember countless usernames and passwords.

Samsung’s use of innovative biometric authentication technology helps average users and techies alike to keep themselves protected — whether it’s Samsung Pass or an Ultrasonic Fingerprint.

If you’re still wary, I’d understand. But your biometrics data — no matter how many — are safely stored in Knox Vault. It’s a processor operating independently from the main CPU to securely isolate your information.

What you need to be cautious about are phishers waiting to attack. These are cybercriminals who might trick you into handing over sensitive information. Oftentimes, they attack by installing malware disguised as links, attachments, or even legitimate apps, on your devices.

The possibilities are endless on what these criminals can do if they have access to your sensitive information. They can use it to demand a ransom, steal your personal information and apply for loans without your knowledge, and even make purchases with your credit card information.

Though Samsung continuously scans your device for malware or suspicious activity via McAfee protection, we need to do our part as well in keeping ourselves safe.

White House approved

All these multi-layers of security are one of the reasons why Samsung believes they’re more secure than any other brand. The Samsung Mobile B2B Asia Vice President confidently claimed to GadgetMatch, “We don’t have a perfect security rating, but we are well received. That’s why the White House is comfortable with us.”

After all, Samsung designs, creates, and validates every computer chip, piece of wiring, and hardware component before lodging them into smart devices manufactured. This approach gave Samsung control over design, manufacturing, and assembly which ensures a secure supply chain.

Further, it prevents unauthorized backdoor access in each device that hackers won’t easily bypass. As a rule, don’t download unofficial or unauthorized apps lest you open up yourself to vulnerability.

Be careful of what you download

At the end of the day, it’s about you and your relationship with your smartphone and the Internet. Samsung’s Product and Solutions Manager Anton Andres warned about downloading third-party apps, especially keyboards. Yes, it can make your keyboard look pretty, but it also compromises your security.

“If you access your mobile banking credentials on a third-party keyboard, they can phish your information,” Andres said. “With Samsung Knox, we identify specific applications and URLs. Once identified, Knox automatically hides your information to prevent potential threats.”

Samsung is constantly updating the Knox Platform and its security solutions. If you haven’t had the time to keep yourselves extra secure, this is your sign to do it now.

In the meantime, let our response be: In Knox we trust. 🙏

Continue Reading

News

All MediaTek processors found with vulnerabilities

Thankfully patched now

Published

on

Technology is imperfect. Though the tech world has a plethora of revolutionary features, it also has a handful of vulnerabilities that malicious parties can exploit with gusto. And, as long as that world keeps advancing, weaknesses will always be found. In a new report, a whopping 37 percent of all smartphones was found with a critical vulnerability.

Reported by Check Point Research, MediaTek’s processors apparently have a vulnerability embedded into their AI and audio components. Currently, MediaTek is one of the most popular processor brands in the world. The company’s lineup, including the Dimensity series, is found in around 37 percent of smartphones and devices around the world.

In their report, Check Point Research tried to reverse-engineer the processor’s audio components. Because of its architecture, a hacker can create a custom message that can access the feature remotely. As such, victimized devices can eavesdrop on their users without them knowing.

By the time that Check Point Research published the report, MediaTek already patched the vulnerability out from its current lineup. It was fixed in October and will be officially reported in the company’s December newsletter.

Of course, it all depends on whether users will keep their devices updated with the latest software releases. If you want to prevent your phones from getting victimized, always keep them updated with security updates pushed by your respective brand.

SEE ALSO: MediaTek Pentonic 2000 will power flagship 8K 120Hz TVs

Continue Reading

Apps

Here are 151 fake apps you should uninstall immediately

Avoid SMS scams!

Published

on

The Play Store is a dangerous minefield. If you’re not careful, you might end up installing unwanted malware on your device. Unfortunately, such scams will always pervade even the most secure app stores. One of our best lines of defense is a reliable security research firm to warn us of ongoing scams. The latest report names 151 fake apps that might be draining money from your credit card right now.

Named by Avast, the UltimaSMS scam currently spreads its evil through 151 confirmed apps on the Play Store. The scam was named after the first app it was discovered in, Ultima Keyboard 3D Pro. Since then, more and more apps were included in the list.

The list of apps spans a lot of different flavors and uses including custom keyboards, wallpapers, games, cameras, and Wi-Fi unlocking tools. Naturally, all the apps listed have one thing in common: They don’t work. Once installed, the fake app asks users for their phone number and other identify features. The app then subscribes the user to premium SMS services using the number, unbeknownst to the victim.

The subscription can cost as much as US$ 40, draining money from the user’s account monthly. Once the app accomplishes its goal, it just stops working or prompts the user to subscribe to other plans themselves.

You can view the full list of 151 fake apps here.

Obviously, if you have any of the above apps, uninstall them immediately. However, the first line of defense against malware is still our own decision-making. Don’t install unverified apps or apps that promise seemingly impossible features like unlocking Wi-Fi networks.

Continue Reading

Trending