X

Why can't Wear OS smartwatches be security keys too?

Commentary: It's time to let wearables be our password helpers.

Scott Stein Editor at Large
I started with CNET reviewing laptops in 2009. Now I explore wearable tech, VR/AR, tablets, gaming and future/emerging trends in our changing world. Other obsessions include magic, immersive theater, puzzles, board games, cooking, improv and the New York Jets. My background includes an MFA in theater which I apply to thinking about immersive experiences of the future.
Expertise VR and AR, gaming, metaverse technologies, wearable tech, tablets Credentials
  • Nearly 20 years writing about tech, and over a decade reviewing wearable tech, VR, and AR products and apps
Scott Stein
2 min read
Sarah Tew/CNET

Google's campus boasts fewer hacks and greater security over the last year and a half, thanks to little keychains that replace entering passwords. Google is selling its own Titan Security Key later this summer, in both USB/NFC and Bluetooth versions. CNET's Alfred Ng has already been using one. Last year, I tried something similar, briefly: the Token Ring, a wearable with its own fingerprint scanner that can replace logging into websites.

With Apple, Samsung and Google all expected to launch new smartwatches later this year, I say: It's time to let wearables be our password helpers, too.

Android P, the next version of Google's mobile OS, is already bring better biometric security features. Browsers including Chrome, Firefox and Edge have been adding support for two-factor authentication this year, allowing keychains, phones, smartwatches or rings to act as password replacements.

The Apple Watch already can unlock Macs, but can't act as a universal log-in enabler across iOS or MacOS, like Touch ID or Face ID can when linked into Apple's iCloud Keychain.

tokenring5

The Token Ring, announced last year, already has two-factor security.

Scott Stein/CNET

Watches can be used to help with two-factor already, getting texts or using mobile apps to get authorization codes. I use mine regularly for this. And Google does have Authenticator codes that can help.

But what I want is something basic and easy: a way to scan and swipe and log in instantly. Like Google's Titan Key, but without a keychain fob.

The Token Ring seemed like a solid step in that direction... except I don't really wear tech rings. But what about smartwatches?

07-titan-key

The Titan Security Key will come in both a USB and Bluetooth version.

Sarah Tew/CNET

YubiCo's Yubikey USB keychains already work like Google's Titan Security Key, via USB and NFC, but YubiCo doesn't consider a Bluetooth option good enough. Google obviously does. Somewhere between, though, watches could blend Bluetooth, NFC or even other sensors, standing in as the sort of helpful wireless access tool that I've wanted them to be all along.

Smartwatches don't currently have fingerprint sensors to add extra security, but they do have passcodes. Google and Qualcomm's upcoming wave of new Wear OS smartwatches might help add extra security elements, who knows. Or, perhaps, what if Google's own Pixel smartwatch does?

It's still unclear how likely such a thing is, but 2018 seems like the perfect time to enable wearables to do more to help. If Google's having this type of success with its physical keychains, what about the rest of us?

Amazfit Bip is amazingly good for the price

See all photos