Google has released tools to allow developers to begin integrating the OAuth user authorisation technology for Android apps.
The tech, also used by Facebook and Twitter to allow users to connect with external apps and services, may eventually replace the need to type in multiple passwords for apps on Android devices.
The OAuth 2.0 tools, available for developers from the Google Play Store starting Thursday, will eventually allow users (on Android v2.2 and higher) access to many services, simply through their Google account password.
Access tokens
Once developers, whose apps require access to Google's APIs, have integrated the OAuth tools, it will enable "access tokens" to be sent between the device and the app.
This will replace the need for a user to create a new account or enter a complicated password, while also giving the service provider access to the user data it requires.
Users will then stay signed into that service, and then rely on the various types of password protection on the handset itself to stay secure, rather than an individual app password.
Too many passwords
Google first announced its intentions to integrate the OAuth tech within Android back at I/O earlier this summer.
The company said the driving force behind the tech is to trim the number of passwords each user has to remember and to remove the hassle of typing convoluted passwords on a virtual keyboard.
"The internet already has too many usernames and passwords, and they don't scale," wrote Tim Bray on the Android Developers Blog.
"Furthermore, your Android device has a strong notion of who you are. In this situation, the industry consensus is that OAuth 2.0 is a good choice for the job, offering the promise of strong security minus passwords."
For more information about OAuth and what it could mean for the ongoing security of your mobile device, check out our OAuth: What you need to know feature.
Source : techradar[dot]com
Post a Comment