This post has been corrected.
If you have GPS turned on on your phone, it knows exactly where you’ve been. Google wants to use that data to figure out if it’s really you logging into your email, calendar or bank account, by matching past logins to your current location.
In a patent awarded to Google today, the company outlined a new login system for computers or phones that uses a range of location technologies to figure out if the device is actually associated with you. The patent suggests that the system would check past locations where you’ve successfully logged into your accounts and compare that to where you are now. Using GPS, your cell network, or your device’s internet connection, the system would log you in to your account if the place that you’re standing matches a place you’ve logged in with a password previously. The patent references other patent applications, as well as articles, about the possibility of replacing passwords with location altogether, but this patent hasn’t reached that far.
Users could also specify a few places that Google should allow them log them in from automatically: a home or office address, for example, or that coffee shop you spend too much time in on weekends. This could, in theory, help prevent fraud: If you usually log in from Hong Kong and now you’re trying to access your account in Las Vegas, the system won’t automatically log you in. Instead, the patent suggests that the system will ask the user to “identify the geographic location of the previous successful login.”
Google is already working on a project to rid us of passwords involving the patterns of our daily lives. The company’s Advanced Technology and Projects (ATAP) lab announced Project Abacus at the I/O developers conference last week. Abacus hopes to dissect the unique cadences in way people use their phones to figure out if a phone’s owner is the one playing with the device. Between that marker and knowing where you are at all times, Google will soon know you better than you know yourself.
Google was not immediately available for comment on its plans for the patent.
Correction (June 2): This post originally stated that Google was awarded a patent for a system that could log users in without the need for a password. This is not the case. The patent states that a user would need to provide “login credentials” before verifying their location.