Here’s how Android Identity Check smartwatch support will work
Joe Maring / Android Authority
TL;DR
- Identity Check offers an extra layer of protection when someone steals both your phone and your PIN.
- By requiring biometrics, Identity Check attempts to limit the harm bad actors could do.
- Google is working to let you bypass that biometric requirement when your device is connected to a trusted smartwatch.
We all want our devices to be secure, but practical considerations mean we’re often striking a balance between security and convenience. That’s not a bad thing at all, as we don’t always need to be taking advantage of every security protection available to us, and systems like Android’s Identity Check are built for just this reason, letting us get away with just using a PIN or biometrics when we’re at home, but beefing up security and insisting on both when outside a trusted location.
Just last week, we looked at one way Identity Check could soon be changing, with the tool evolving to recognizing the presence of your connected smartwatch. At the time it wasn’t yet clear exactly how the watch would alter Identity Check’s behavior, but now it’s starting to come into focus.
⚠️ An APK teardown helps predict features that may arrive on a service in the future based on work-in-progress code. However, it is possible that such predicted features may not make it to a public release.
Identity Check is designed to help save your bacon when you’re in just about the worst situation: someone else not only has your phone, but they also have your PIN. Maybe they shoulder-surfed while you were unlocking the phone, or used threats to get you to reveal it, but Identity Check is built to assume that your PIN’s been compromised. That’s exactly why it also insists upon biometric authentication when trying to access saved passwords or change critical security settings from anywhere other than a trusted location.
Here are the strings we spotted last time we looked:
Code
With your watch connected, Identity Check automatically recognizes you while maintaining your security even when you’re not in a trusted location
Protection on the move with watch Those made it clear that Google’s working on a way for Identity Check to use the presence of a paired watch as a signal of trust, just in the way a location already can. But what we didn’t have at the time was confirmation of how Identity Check would work differently when it sensed your watch.
Looking through the new 25.31.30 beta release of Google Play Services, we’ve spotted an additional string that provides some answers:
Code
Outside of trusted places like your home
• If you have a connected watch, you can use either biometrics or your PIN
• If you don’t have a connected watch, you’ll be required to use Fingerprint or Face Unlock There we go: When you’re using Identity Check with a smartwatch it recognizes, you’ll be able to bypass the need to enter a PIN, even when away from home. Basically, it’s like two-factor authentication, and you’ve got to choose any two of the three: PIN, biometrics, or the presence of your watch.
We supposed it is conceivable that someone manages to learn your PIN, steal your phone, and also take your smartwatch, so hopefully there’s a setting to choose whether or not we want to take advantage of this option once it finally arrives.
Thank you for being part of our community. Read our Comment Policy before posting.
