Google Keeps Phishing Hacks at Bay with Security Keys

Date: 2018-07-29
Author: Joakim Thorén, CEO

Google Keeps Phishing Hacks at Bay with Security Keys

We all know strong security requires more than just a user name and password and have long been proponents of the cost-effective nature of smart cards and security keys. Managing those keys and cards (both physical and digital) is the basis of our business, after all!

But it’s always nice to hear very positive affirmation of physical security solutions from some of the industry’s biggest players. Such affirmation came earlier this month when a Google spokesperson confirmed to KrebsOnSecurity that since the internet giant began using smart keys in early 2017, none of its 85,000 employees have succumbed to a phishing attack.

Phishing attacks are those in which the perpetrator attempts to lure someone into providing information that makes it easier for the hacker to get into that user’s system – such as a password or other log-in details. When users also must have a secondary means of egress into the system, such as a one-time code, physical or virtual security card or smart key, hackers have a much more difficult time.

In an article about Google’s success with smart keys, Tech Times noted that there have been some hackers recently who have succeeded in intercepting one-time codes, which typically are sent through SMS messages. Whether or not that was Google’s reasoning behind moving to the physical smart keys was not discussed in the article.

In research credited to Google, phishing was listed as the greatest and most predominant threat for Google accounts. Other hacking methods that topped the list were keyloggers and third-party breaches.

Want to avoid phishing schemes? Security keys, cards or other means of two-factor authentication are very important, but just as important is letting users know they should NOT respond to suspicious emails (it’s unlikely an African king really wants to share his money with you to protect it from overthrowers of his government).

At as little as $20 each, physical security keys and cards from Versasec partners including Gemalto and Yubico, can easily prove their worth. With many breaches costing companies millions of dollars in lost revenues plus even greater damage to their reputations as safe places to do businesses, physical and digital security solutions that incorporate two-factor authentication are truly the way to go.

Google affirmed it, but 2FA’s value is worth exploring for all companies, whether behemoths or SMBs. Click on our CHAT button on the Versasec website to discuss how you can implement 2FA in your environment.

Tags: yubico, two-factor, smartcard, authentication, gemalto, cybersecurity, real-time phishing, google.


Our product suite provides all the software tools to administrate and manage credentials in a secure and convenient way.

Start here

Free Product Trial

Versasec provides enabling IT security products centered on the usage of security devices such as smart cards. Our solutions enable customers to securely authenticate, issue and manage user credentials more cost effectively. Get a free product trial.

Job Openings

We are always looking for new exceptional persons to join our team! Find out more about our job openings.

Versasec Support

Versasec customers with an existing support and maintenance contract can access the Versasec Support Portal, offering extensive professional support and maintenance services. The Versasec Support Portal offers a variety of services, allowing for customers and any site visitor to communicate directly with support engineers.

Contact Support

Company Blog

Our blog addresses the latest security trends and stories. The posts discuss how identity and access management are playing a larger role in keeping corporate data safe as well as brand reputations intact.

Visit our Blog
Share this article