Google is rolling out two new safety features for Messages, including the launch of Android Key Verifier.
After previewing last year and sharing more details in May, Key Verifier is “now available to all Android 10+ users” to protect against impersonators and fraudsters. This system uses QR codes to provide “extra assurance that your end-to-end encrypted messages are truly private with the right person on the other end.”
Available with RCS, open a conversation, tap on their name in the top bar., and scroll down for “Verify keys.” The other person has to do the same on their device.
Have them tap “Your QR code,” while you hit “Scan contact’s QR code.” This workflow should also be available in the Google Contacts app under “Connected apps.” You’ll get a “Keys verified” confirmation afterwards.
“Keys no longer verified” will appear if a contact’s key changes. Google explains how keys could change in day-to-day usage:
- Your contact gets a new device or SIM card.
- The contact keys’ time-bound validity expires.
- There’s an upgrade to the underlying encryption protocol.
However, malicious reasons why keys would change include:
- Man-in-the-middle attack: If a malicious party intercepts the initial key exchange and replaces the keys with their own.
- SIM swapping: If a malicious party convinces a carrier to transfer a phone number that they don’t own to a SIM card they control.
Make sure the Android System Key Verifier app is up-to-date on your device along with Google Messages and Contacts. In the future, Google will roll out “more protections built on Key Verifier to keep you safe from scams and fraud.”
Meanwhile, if you receive a spam text with links, Google Messages will “stop you from visiting the potentially harmful website, unless you explicitly mark the message as “not spam.” This new protection is now available globally.
FTC: We use income earning auto affiliate links. More.
Comments