Project Vault is Google’s bid to rid us of passwords

Google has long said it intends to make passwords obsolete, but before last week it wasn’t clear how the company planned to achieve that feat.

At Google I/O, the Mountain View-based company showed off two new initiatives aimed at helping make Internet users more safe and secure. The first was Smart Lock for Passwords, the company’s take on a password manager. The second, and more interesting of the two, was Project Vault.

Announced on the second day of Google I/O by the company’s Advance Technologies and Projects group, the same part of Google that showed off a radar-based gesture system, Project Vault is a secure computer that fits inside of a microSD slot.

Inside of that small package is an ARM processor, 4GB of storage, an NFC chip and antenna. It’s all held together by a real-time operating system (RTOS) that presents malicious users fewer opportunities to break into the device. Any operating system that interacts with Vault will see it as a generic file system, so almost any operating system, including Android, Windows, OS X and Linux, can take advantage of its encryption capabilities. This also means that developers don’t need to do a lot of additional work to make their app to work with Vault.

However, more than just being a minuscule computer, Vault is a new way to authenticate users without the use of a password. Vault tracks a person’s usage activity and typing patterns, as well as several other factors, to develop a so-called “Trust Score”. According to ATAP, this method of authenticating a user is 10 times more effective than a password.

ATAP has released an open source Vault development kit that developers can access on GitHub ahead of its official launch.