Beruflich Dokumente
Kultur Dokumente
A few months after Apple began selling the iPad in 2010, Mike McCue, a
former employee at Microsoft, and Evan Doll, formerly with Apple, unveiled
the first truly great app for the new tablet computer.
The app was called Flipboard, and in many ways it was a harbinger of the great
mobile-app-fuelled frenzy that would soon overrun much of the Web, especially
news sites.
Flipboard was a personalised tablet magazine - not the first tablet magazine, but
the first worthy of the name. The app scoured your social media profiles to find
stories that people you knew were linking to. Then it arranged those stories into a
beautiful magazine format that you could navigate through intuitive gestures.
A username and password combination has long been the standard security
mechanism for online accounts. But that method just isnt cutting it anymore.
Huge data breaches, in which hackers gain access to personal information, have
risen sharply in the last few years. And consumers have named identity theft their
No. 1 online concern for 14 consecutive years, according to the Federal Trade
Commission.
Sometimes, our existing security infrastructure cant protect us, like when our
personal data is stored in vulnerable databases. But all too often, were our own
worst enemy. Our own weak passwords make it all too easy for hackers to guess
them; we use the same passwords for multiple sites, offering thieves a sort of
skeleton key. And even when were told about data breaches, we dont always
respond by changing passwords or any other behaviours.
The reality is, passwords dont look to be leaving us anytime soon. Still, there are
new ways to make our password-protected world a little safer.
Many of the most ambitious and promising technologies are coming in the realm of
biometrics - that is, using some physical part of yourself like your voice,
fingerprint, facial recognition or an iris scan.
Biometric security systems have long been promised. Those promises have started
to become reality in recent years, and really became mainstream with the
introduction of a fingerprint reader in iPhones last year.
Now, people with the latest iPhones can unlock their phones, authorize purchases
from iTunes and other apps and even pay at some stores by just touching their
finger to their phone. The phone reads the persons fingerprint and approves the
payment.
It used to be a fingerprint sensor had to connect with a USB cable and youd pay
hundreds of dollars, said Hector Hoyos, the chief executive of Hoyos Labs, a
biometric security startup. Now its on your iPhone.
This month, Hoyos company will release 1U, an app that uses facial recognition to
log people into various accounts. The app starts at $30 a year; the price can go up
depending on how many websites and devices you connect to it.
The app doesnt replace passwords entirely. To use it, you must first log into each
online service, like your bank or email account or Facebook, while in the app.
When you want to log into one of those services in the future, you visit the site
through the app and have 1U scan your face with your phones camera. If the scan
is successful, the app logs you in as though you had typed in your password.
Because you dont need to remember your passwords when using the app, you can
set a unique and sophisticated password for each service in the first place. In
addition, the app allows you to set various levels of security for different accounts.
You can choose to have the app scan your face quickly for one account, for
example, and do a liveness test, which will force you to move your eyes and
smile before you can log in, for another account.
The app can connect with your computer, too, so when you want to log in to sites
there, you can glance at your phone for a facial scan instead of entering your
password. The phone sends an encrypted message to the computer authorizing the
login.
The experience isnt perfect: For one thing, you have to go to the sites through the
1U app instead of the apps or the browser you usually use. And looking at your
phone to log into a website on your computer is clunky.
In addition, using 1U wont protect you from a situation in which your username
and password are stolen from some other service that you use, like your bank or a
store where you shop online. But it may encourage you to have different, and
strong, passwords for each service, limiting the potential damage.
EyeLock, a startup in New York, just released Myris, a USB-connected iris scanner
that costs $280.
The iris is one of the most unique human identifiers, as no two are alike. Anthony
Antolino, the chief marketing officer for EyeLock, said the company was working
with companies like Bank of America and had already incorporated its iris
scanning technology into some of its buildings.
As for the Myris device, its essentially an extremely high-tech password manager.
Like the 1U app, it doesnt replace your passwords, it just replaces the need to
enter them when youre logging in to a site or to your computer.
Unlike 1U, though, the Myris software can create new, secure passwords for you
and save them so you dont have to remember them, the way that password
manager programs like LastPass do. And it can import saved passwords from
programs like LastPass.
All those new passwords, and your iris information, is stored on Myris colorful
hockey puck-shaped device that you plug into your computer. Thats a warning,
too: If you lose your device, theres no getting that information back. Youll have
to tediously change every password.
Myris is easy to set up. It has a small mirror on its underside, which you stare at
while sensors on the device read each eye. After the initial setup, you set up your
online accounts using the accompanying EyeLock software.
Using the iris scanner is fun and futuristic, and logging into services is fast - it
takes about a second.
There are multiple downside, though. One is that Myris doesnt work on mobile
devices. Another is that you have to have the device attached to your computer.
And as with 1U, if your password is compromised from a companys servers,
youre out of luck.
Still, using Myris should give you more security than entering a password on your
own. Using the scanner will eliminate keylogging, which happens when malware
on your computer reads your keystrokes and gleans your password. And using a
password manager at all, especially an iris-based one, reduces the likelihood that
youll repeat your passwords or that youll create easy-to-guess ones.
If these two new products dont excite you, rest assured that biometrics are almost
surely headed your way soon.
Brett Beranek, the director of product strategy for voice biometrics at Nuance
Communications, which makes voice-recognition software and technologies, said
most consumers would begin to encounter some kind of biometric systems in the
next few years.
In the last three years, he said, Nuance has gone from 10 million enrolled users to
45 million, as companies like Vanguard, Barclays, T-Mobile and U.S. Bank have
incorporated its voice authentication technology.
What remains unclear, though, is whether there will be one preferred method of
biometric authentication: fingerprint, iris scanning, voice authentication or facial
recognition. And companies will have to make sure that whatever they store on
their servers cant be stolen en masse.
Once those decisions are made, though, biometric readers could be here to stay.
The technology and the knowledge to implement a solution to completely
eradicate usernames and passwords exists today and we have it and it is safe and
convenient, Hoyos said. At what speed corporations adopt it is a different
matter.