Blog Tags: authentication applications
Posted: Friday,September 19,2014
When Nike launched its Nike+ FuelBand in 2012 there were few, if any, other wearable fitness wristbands available, and at the time appeared to be just another nifty tool to track the progress of our exercise regimens. Not so anymore with mobile device giant Apple jumping into the wearable technology arena this week with its Watch. Apple joins a rapidly growing market that includes Fitbit, Jawbone, Misfit Wearables and even Ralph Lauren who just debuted its new Polo Tech shirt on opening day of the US Open that merges biometrics into active lifestyle apparel. Many of these start-ups are beginning to receive some serious funding from the VC community. According to Cromwell Schubarth, Senior Technology Reporter at Silicon Valley Business Journal, in his September 9th article, Wearables are hot: Here's who invested and who got the most VC funding, “database research firm CB Insights issued a report that said $1.4 billion in ventu...
Posted: Friday,June 06,2014
As most people know by now, Apple announced at their WWDC this week that they are opening Touch ID APIs to 3rd party developers. This is a great next step for the biometrics industry, as it introduces a means to use Touch ID for mobile payments and other transactions. The implications, however, are greatly understated.
Apple’s model for protecting a user’s fingerprint is that the user’s credentials are kept securely on the device and never shared over the network. This is very consistent with the model advocated by the FIDO Alliance, and this decision now opens up the possibility for IOS devices to be used as part of FIDO deployments. While the devil is in the details (we need to learn more about the specifics of the new Touch ID APIs), it seems feasible for a FIDO client to integrate with the Touch ID sensor using the new APIs.
But what does it have to do with other biometric m...
Posted: Thursday,May 29,2014
Last week the FIDO Alliance (www.fidoalliance.org) had its first plenary meeting in Europe. Organized by Oberthur Technologies, we enjoyed a rainy spring week in Paris, by the Seine. We had perfect organization and very useful meetings. New members joined the sessions, VISA was announced as the newest board member, and Authentify announced that they will be using FIDO fingerprint authenticator already built into Samsun Galaxy S5 to authenticate their customers.
As a founding FIDO member, it is impressive to see the FIDO ecosystem growing at the speed of light. Now, attending a FIDO meeting is an opportunity to connect with almost any company in the world you could want to meet. The organizers, both those local and FIDO staff, did a great job to make the meetings productive.
The FIDO Allianc...
Posted: Friday,April 25,2014
The latest fingerprint spoofing incident, demonstrated by researchers from Germany-based Security Research Labs on the Samsung Galaxy S5, highlights the prevailing confusion over the differences between spoofing and hacking a device and the subsequent risks they present to users and service providers. Both Apple iPhone 5S and Samsung Galaxy S5 fingerprint sensor attacks were spoofs. The devices were defeated by imitating a single fingerprint. This is very different from a hack, which could compromise a high volume of users at once.
In both the fingerprint spoofing cases, neither the device nor the user credentials were compromised. This would have to be accomplished by a hack, which requires a break-in of a device and subsequent theft of the biometric template and related data, or by the depositing of malware. So how do we maintain the security of personal, biometric data?
In a FIDO authentication mod...
Posted: Friday,November 15,2013
Can we spoof a good Voice Biometrics Engine recording the owner’s voice? No, if it is a secure engine. But many engines in the market are easily spoofed.
We have seen how soon a team in Germany was able to spoof the Apple Touch ID. We must admit that the spoof is quite complicated and does not create any serious problems for the normal user of iPhone 5S. We should expect a lot of these as soon as Voice ID becomes a real alternative for device authentication. Are we ready?
Voice Biometrics has a bad reputation regarding spoofing. In Hollywood, you will probably remember this sequence of the movie “The Bourne Ultimat...