This addition to our case study series is a contributed post from Google, summarizing a recent paper and study by Google’s Juan Lang, Alexei Czeskis, Dirk Balfanz, Marius Schilder, Christiaan Brand, and Sampath Srinivas.

At Google, we prefer to make data-driven decisions based on statistical and empirical verification. This is particularly true when the security and privacy of more than billion users are stake, so we applied this philosophy to verify the practical benefits of deploying FIDO-based Security Keys to our more than 50,000 employees.

Security Keys are devices that make 2-Step Verification for our users easier, and more secure. Our two-year deployment and its analysis provide clear confirmation of how well FIDO’s approach is suited to making strong authentication more usable. During this time, we also integrated support for Security Keys in Google’s Chrome browser and consumer-facing web applications.

The full results of our two-year research study are available in our paper Security Keys: Practical Cryptographic Second Factors for the Modern Web; here’s a synopsis:

What We Set Out To Do

The goal for Security Keys is stronger security, high user satisfaction, and lower support costs. Our system design goals required Security Keys to be easy to use; easy for developers to integrate with a website via simple APIs; non-trackability to ensure privacy; and protect users from password reuse, phishing, and man-in-the-middle attacks. The currently most common version of our Security Key is a tiny dongle that plugs into a computer’s USB port, although the Security Key’s underlying protocols are standardized and can also be used via NFC (contactless) and Bluetooth Low Energy.

Comparing Options

In our evaluation, we compared the standard baseline of password authentication, shown in Table 1, with Security Keys, smartphone-based one-time password (OTP) generators, and Two-Step verification over Short Message System (SMS). Benefits of each were noted for usability, deployability and security. Our evaluation of these technologies and criteria followed The Quest to Replace Passwords: A Framework for Comparative Evaluation of Web Authentication Schemes by Joseph Bonneau et al.

While no option is perfect, we found that Security Keys provide the strongest security with the best mix of usability and deployability. See details of the comparison in Table 1 of our published study.

Performance Results

Some metrics of performance are pretty hard to quantify, such as ease of use. Our employees have been very happy with the switch to Security Keys and we have received many instances of unsolicited positive feedback. With Security Keys, Google employees (and external consumers using this supported option) now have stronger protection against phishing, including well-known campaigns that have elsewhere resulted in major breaches. However, since the impact of this benefit can only be measured in terms of what did not happen, it’s quite difficult to quantify the result.

We can, however, quantify other benefits: for time spent authenticating with security keys, total average time for the process dropped nearly two-thirds compared to an OTP with SMS (see “Fig. 6” below, from our study). Since an authentication executes in milliseconds, virtually all of this time savings directly benefits users, which may account for the overwhelmingly positive reaction.

With Security Keys, there were zero authentication failures. In our examination of the time period studied, the failure rate for OTP-based authentications was 3%.

Google’s support costs also dropped with Security Keys. Our support organization estimates that we save thousands of hours per year by using Security Keys instead of OTPs for authentication.

Google issued one Security Key per computer or about two Security Keys per employee. With the associated boost in user productivity and lower support cost, we felt this was worth the extra hardware cost. For consumers, multiple vendors provide Security Keys at different prices – some as low as $6 USD. Since consumers need only one device rather than one device per account or site, the resulting cost, in our opinion, approaches the “negligible cost per user” suggested by Bonneau et al.

Conclusion

Our study documents how Security Keys improve 2-SV on the web. They protect users against password reuse, phishing, and man-in-the-middle attacks by generating cryptographic assertions over the website’s URL and properties of the transport layer security (TLS) connection. Security Keys also score favorably in the usability framework established by Bonneau et al. Our analysis of performance benefits in the two-year deployment study measures a significant reduction of sign-in times experienced by users and a reduction in burden on a support organization. Our Security Key deployment is based on the open Security Key protocol as standardized in the FIDO Alliance as U2F. This standard is supported by major browsers and login system of large web service providers such as Google, GitHub and Dropbox. We hope our research serves as an academic foundation to study and improve Security Keys going forward.

Google Case Study: Strong Authentication for Employees and Consumers from FIDO Alliance