Google to Replace SMS With QR Codes For Gmail Authentication

Google is planning to replace text messages with more secure QR codes for Gmail authentication. In a conversation with Forbes, Gmail spokesperson Ross Richendrfer explained that SMS-based authentication can be hazardous and that using QR codes will reduce the risk of phishing attacks.

“Over the next few months, we will be reimagining how we verify phone numbers,” Richendrfer told Forbes. “Specifically, instead of entering your number and receiving a 6-digit code, you’ll see a QR code being displayed, which you need to scan with the camera app on your phone.”

Google has been relying on text messages to verify users’ identities and prevent criminals from creating Gmail accounts in batches for spam purposes. However, as Richendrfer pointed out, SMS authentication can be risky “if a fraudster can easily trick a carrier into getting hold of someone’s phone number.”

As Google plans to move away from SMS authentication for Gmail accounts, the company will also continue to push users to replace passwords with passkeys. In theory, passkeys make it easier to sign into an account using a fingerprint, face scan, or screen lock. In practice, however, using passkeys across different devices can be complex as it requires using cloud syncing services or third-party password managers.