Google is in full-on enterprise announcement mode, today being the second of three days dedicated to its business-centric Cloud Next conference. One interesting tidbit that's been making the rounds (independently of an announcement at the event itself, so far) is some new security hardware Google plans on selling in its store. This isn't anything so glamorous as a new phone, tablet, or Chromebook, though: They're a pair of hardware 2FA security keys.
The devices are apparently collectively called the Titan Security Key, and, as noted by 9to5Google, the two keys look pretty much identical to the Feitan ePass FIDO -NFC and MultiPass FIDO. We aren't sure how related this might be to Google's previously announced Titan enterprise security hardware, but CNET was allegedly able to confirm that these will be making use of different hardware.
This isn't just out of the blue, either. Some of you may remember as far back as Monday when the news that none of Google's employees fell prey to phishing attacks since the company switched to hardware 2FA security keys. According to CNET, an earlier version of this key is what they used internally. With less than 10% of Gmail users enabling two-factor security, it's in everyone's best interests to make the switch.
Details are sparse, and Google's site for the product has more marketing than meat to it, but both of the new keys should support NFC as well. The larger model appears to have a USB-C port for charging and Bluetooth Low Energy support as well, which is a bit out of the ordinary. In fact, Yubico felt the need to point out that it isn't involved with this product at all, although it worked together with Google previously. The company considers BLE a security risk and a power concern, resulting in a poor user experience.
Odds are FIDO U2F support should be included, but until Google releases more information about the Titan Security Keys, it's anyone's guess.
Google's motivation behind selling these new keys is, at least partly, price. At $30-100+, hardware 2FA keys with good feature sets can get expensive. According to a quote CNET received from Christaan Brand, product manager for identity and security at Google, "We're not quite happy where these devices are out of reach for customers who can't afford it. We're thinking that hopefully at some point in time, these keys can be in the sub-$10 range." Hopefully, these Titan keys are on the cheaper side.
Google is currently selling the new security keys to its Google Cloud customers, but they will soon be available in the Google Store as well. Although enterprise security isn't the sort of thing most people get too excited about, these products will actually be consumer-facing. The more people switch to hardware 2FA, the better.