Your Android Phone Is a Security Key

Phishing—when an attacker tries to trick you into turning over your online credentials—is the most common cause of security breaches. While any form of 2SV, like SMS text message codes and push notifications, improves the security of your account, sophisticated attackers can skirt around them by targeting you with a fake sign-in page to steal your credentials. These physical security keys protect your account from phishers by requiring you to tap your key during suspicious or unrecognized sign-in attempts.

Source: blog.google