Posted on September 4, 2013|by: Clay Calvert| 1 Comment

Does anyone like entering passwords? Short passwords are not so bad, but the best passwords are long and difficult to remember, and can be tedious to enter on a smart phone or tablet.

Have you ever forgotten the credentials needed to log in? Any of us can look back “fondly” at those times we’ve had to call the helpdesk, sheepishly, and ask for a password reset. This scenario wastes not only your time, but that of the person on the other end of the phone, and of course this is an opportunity for social engineers, AKA bad guys, to try and steal your credentials.

Password
Imagine an easier way to authenticate: by simply putting your hand on a computer mouse, or just by holding a smartphone or tablet. Your credentials could almost be a part of your body. This method would utilize something other than biometrics, because fingerprints can be copied fairly easily, as in this MythBusters episode. And as we all know, we can’t replace our fingerprints the way we can have a password reset.
Many modern smart phones come with a Near Field Communication (NFC) chip which can be used to send wireless data from a very, very short distance. I will cover NFC in more detail in another blog post but note that NFC devices essentially have to touch to transfer information, unlike RFID which has a longer range.

NFClogo

John McLear beat me to it, but he (with his team) designed an NFC ring. Let’s think about that for a moment; to have an authentication device that is with you all the time to the point that it is almost an afterthought. Many of us forget about our wedding rings, and I’m not talking about the vows associated with them, just their presence on our fingers. A plain ring rarely gets in the way and can be worn during most activities, including swimming. Too many times I’ve forgotten my smart card type badge, but my wedding ring has been on my finger for years. Now I can use something so unassuming to log into my cell phone, or to use a tablet.

NFCringsMice manufacturers have started adding NFC chips to these pointing devices solely to make pairing with laptops easier. Let’s take that to the next level and put the NFC chips near the top of the mouse which, when in contact with an NFC ring, would then send an unlock signal to the computer. Everyone in a family, or an office, could log into their own profiles in a seamless fashion, without having to remember a password. That being said, for greater security an NFC ring could be used with a PIN for an extra factor of authentication.
Let’s not stop at computing devices. NFC door locks already exist and can be seen in action on the ring’s KickStarter page. Imagine an NFC reader built right into a door knob. The act of grabbing the handle could unlock the door. What about car doors, or even the ignition? School lockers even?

NFC rings, as with all authentication mechanisms, will not be perfect, but they have the potential of being an interesting extra factor for authentication, and are certainly better than phones and computers with no passwords.   If NFC authentication works out, say goodbye to sheepish calls to the help desk…and hello to access with just a touch.

Filed in: Cybersecurity, Technology

One Comment

  1. October 7, 2013 at 12:24 pm

    Good write up man :) I hope you approve of the way we handled security, we have a long road to travel but it’s a start :)

Your email is kept private. Required fields are marked *

*
*