• Google recently updated its two-factor authentication app to add a cross-device sync feature.
• Analysis of the privacy update revealed that the sync process is not end-to-end encrypted.
• Cybersecurity experts have asked users to exercise caution as the new feature may not be completely secure.

Google’s recent update for its two-factor authentication app introduced a widely demanded feature where users can synchronize secrets across multiple devices. However, a thorough analysis of the privacy update revealed that the secrets were not completely encrypted and Google has the ability to see the secrets.

Cybersecurity duo Mysk took to Twitter earlier today to share the results of their analysis of Google’s new privacy update. According to the security researchers, the network traffic when the app syncs the secrets is not end-to-end encrypted. This essentially means that Google can see the secrets, even when they’re stored on its servers.

While the update allows users to sign in with their Google Account and sync two-factor authentication secrets across their iOS and Android devices, the secrets are technically vulnerable. If a malicious actor manages to ga…

The post Google’s New Privacy Update May Not Be Completely Secure appeared first on Coin Edition.

• Google recently updated its two-factor authentication app to add a cross-device sync feature.
• Analysis of the privacy update revealed that the sync process is not end-to-end encrypted.
• Cybersecurity experts have asked users to exercise caution as the new feature may not be completely secure.

Google’s recent update for its two-factor authentication app introduced a widely demanded feature where users can synchronize secrets across multiple devices. However, a thorough analysis of the privacy update revealed that the secrets were not completely encrypted and Google has the ability to see the secrets.

Cybersecurity duo Mysk took to Twitter earlier today to share the results of their analysis of Google’s new privacy update. According to the security researchers, the network traffic when the app syncs the secrets is not end-to-end encrypted. This essentially means that Google can see the secrets, even when they’re stored on its servers.

While the update allows users to sign in with their Google Account and sync two-factor authentication secrets across their iOS and Android devices, the secrets are technically vulnerable. If a malicious actor manages to ga…

The post Google’s New Privacy Update May Not Be Completely Secure appeared first on Coin Edition.