Google Titan hardware security key made by Chinese company Feitian

Google on Thursday began selling a new piece of hardware called the Titan security key, which is designed to add another layer of protection for online security. But the company has faced some criticism for producing the key in China through a partnership with manufacturer Feitian, according to a report from CNBC.

The product is labeled as being “Produced in China,” meaning, like many consumer electronics, that the security key is manufactured there. Some security experts, such as Adam Meyers at the security firm CloudStrike who was interviewed by the Information, say that having production overseas leaves Google open to infiltration by hackers or even the Chinese government during the assembly process.

Google has said that the hardware that provides the keys’ security is sealed before it heads to the manufacturer to guard against supply chain attacks. The company declined to comment further.

To use Google’s key, you first set it up to work with your Google account or other supported service to act as a second security backstop when you log in. After you enter your user name and password, you’ll be asked to hit a button on your key to show that it’s really you. It’s basically a physical version of what’s called two-factor authentication – which uses two different steps to verify your identity.

Some companies have been using security tokens or keys for years, most notably the “SecurID” system invented in 1993 and eventually bought by RSA and marketed to businesses that deal with sensitive information. As more of our lives have moved online, keys have found some popularity among the more security-conscious worried about weaknesses in other two-factor systems.

Google has tested the key with its 85,000 employees and said in a blog post that there has not been a successful phishing attack at Google since the company started using the process.

In addition to a Google account, the Titan key should work with Dropbox, Facebook, Twitter, Salesforce, Bank of America and any other account that uses the same security standard, which is called FIDO – short for Fast Identity Online. You can see a list of companies that use this standard on the FIDO Alliance website.

Getting a physical key is a high-security step to take, and many people may find it complicated. It may not be a must-have for everyone. But it’s not an unreasonable step to take, considering how much information we all keep online.

Those who buy the Titan key should protect it like any other key they own. If you should lose it, as with any other key, replacement will be a pain and could leave you locked out for a couple of days.

Google’s Titan security key costs $50 and is available only in the United States.

  • Share your mind about this:

    This site uses Akismet to reduce spam. Learn how your comment data is processed.

Infosys to buy majority stake in ABN AMRO’s mortgage unit
OYO acquires midscale Chinese hotel brand Qianyu
Netmeds acquires health tech startup KiViHealth
Agri-tech startup DeHaat raises pre-Series A funding
Alibaba buys 14% stake in China courier firm in $693M deal
Hyundai in talks with Ola to pump upto $300 Mn as strategic fund
Grofers raises $60 Mn in Series F round from SoftBank
Basic Dining Table Etiquettes That You Should Follow
Black Shark 2 With Snapdragon 855 and 12GB RAM goes official
Amazon Alexa can aid doctors during surgeries
Samsung Galaxy S10 series India launch date revealed
HDMI 2.1 Explained: Everything You Need to Know in One Place
Softbank-backed OYO to acquire FreshMenu in a $50-60 Mn deal
DesignCafe bags Rs 200 cr funding from WestBridge Capital
OnePlus Explorer Backpack goes on sale for Rs. 4,990
Bengaluru startup Doodhwala to raise ₹85 crore