Google to employ Android and iOS devices to thwart phishing attacks

Google is exploring employing Android and iOS devices as if they were physical security keys in an effort to combat phishing attacks. At Google I/O annual developer conference, the company announced to adopt functionality of security keys such as its own Titan Security Key into mobile devices, which will utilise Bluetooth to verify that they are in close proximity to the device the user wishes to log into.

“Like physical security keys, this helps prevent a distant attacker from tricking you into approving a sign-in on their browser, giving us an added layer of security against the kind of ‘person in the middle’ attacks that can still work against SMS or Google Prompt,” said Google engineer Daniel Margolis in a blog post.

The tech behemoth will also increase the types of Google Prompt challenges that users may encounter in the event of failed and/or suspicious login attempts. Consequently, a new Google Prompt challenge will require users to connect their mobile devices to the same Wi-Fi network as the device they are attempting to get into. Google also intends to strengthen phishing defences for its Google Suite services, such as Docs, Sheets, and Slides.

Advertisement

‹

EVENT

Saksham Bharat 2026

A multi-stakeholder dialogue on skilling gap in Cybersecurity, Data Resilience and AI — and the roadmap to a Saksham Bharat.

📅 Tue, 26 May 2026

📍 Mumbai, Bengaluru, Delhi

Register Now →

EVENT

VeeamON 2026 Tour India - Mumbai

A VeeamON 2026 India Leadership Series Mumbai for senior public sector and government technology leaders.

📅 Tue, 26 May 2026

📍 Grand Hyatt, BKC

Register Now →

EVENT

Cyber Surakshit Uttar Pradesh

Find out strategies, frameworks and solutions for building a resilient and secure digital ecosystem across Uttar Pradesh.

📅 Thu, 28 May 2026

📍 Lucknow

Register Now →

EVENT

VeeamON 2026 Tour India - Bengaluru

A VeeamON 2026 India Leadership Series Bengaluru for senior public sector and government technology leaders.

📅 Wed, 03 Jun 2026

📍 JW Marriott Hotel

Register Now →

EVENT

VeeamON 2026 Tour India - Delhi

A VeeamON 2026 India Leadership Series Delhi for senior public sector and government technology leaders.

📅 Fri, 19 Jun 2026

📍 Shangri-La Eros

Register Now →

EVENT

Infosec Reimagined

Infosec Reimagined 2026 is the premier information security summit where top leaders—CISOs, CROs, CIOs, CTOs and risk executives—converge to redefine cyber resilience.

📅 Fri, 26 Jun 2026

📍 New Delhi

Register Now →

EVENT

Digital Senate

Digital Senate is a premier conference uniting government leaders, technologists and innovators to share ideas, success stories and strategies on digital governance, public sector transformation, cybersecurity and emerging technologies in India.

📅 Thu, 30 Jul 2026

📍 New Delhi

Register Now →

EVENT

CIO Prism

CIO Prism unites forward-thinking technology leaders to exchange transformative insights, shape digital strategies, and foster innovation, empowering enterprises to excel in an era of rapid technological change.

📅 Fri, 18 Sep 2026

📍 Goa

Register Now →

›

Google also stated that their new security push may not function everywhere, particularly on devices that lack Bluetooth or browsers that lack security keys. In order to prevent attackers from taking advantage of inaccessible security keys, the corporation reportedly provides backups.

“Over time, as FIDO2 authentication becomes more widely available, we expect to be able to make it the default for many of our users, and to rely on stronger versions of our existing challenges to provide secure fallbacks,” Daniel adds.

Google stated that phishing attacks have long been viewed as a persistent threat, but current breakthroughs provide them with the capacity to help more of their users remain safe online.