We're deeply connected to our phones, and keeping them safe and secure is
critical, which is why I'm glad to see companies starting to add advanced
security options to new phones. From Motorola to Apple, built-in security
features might be more common in future devices.
Biometrics In Your Hand
In the past, we've looked at some rather exotic efforts to bring
multi-factor authentication and biometrics into the smartphone experience. The
trick is that many of them often require secondary devices, or unusual user
interaction.
Apple might change all that with an expected forthcoming refresh to the
iPhone line. If you believe the rumors, then the next iteration of the iPhone
might feature a fingerprint reader embedded into a sapphire-coated Home
button.
If true, this could go a long way toward securing iPhone users. For one
thing, using the Home button is an established iPhone user operation; people
won't have to learn a new trick to make it work. For another, the most common
way to secure an iPhone is with a four-digit PIN. You can opt to use a far more
complex passphrase lock, but hardly anyone does. Fingerprint scanning could be a
dead-simple way to stay secure.
Perhaps more importantly, an embedded fingerprint scanner could allow app
developers to incorporate tighter security into their apps. Imagine, if you
will, logging into your bank with a finger print (and then also a two-factor
security code, just to be safe). With Apple putting passwords on the cloud with
iOS 7, more security sounds good to me.
Skip a PIN
On the Android side of the house, Motorola announced a new accessoryfor
their Moto X phone called the Skip. I've already got some issues with the Moto
X, and the Skip seems like an interesting—if problematic—tool. It's basically an
NFC clip that you wear on your clothes that takes the place of a PIN code. When
you need to unlock your Moto X, just tap it against the Skip and voila! Your
phone "skips" the PIN code and is unlocked.
In addition to the Skip clip, Motorola is providing Skip dots—or stickers
that provide the same unlocking function of the Skip. The idea is that these
create "zones" where you can interact with the phone, specifically the
voice-activated Google Now features (which I still find kind of creepy).
It's unclear to me if the Skip is actually more secure than using only a
PIN code. Setting aside any kind of bizarre near-field attacks, you can still
unlock the phone with a PIN code as a backup so it's not a radically more
complex method of securing the phone.
What it might do is encourage more users to use a PIN code in the first
place, and keep their phones locked. In my discussions with security experts,
I'm frequently told that the number of Android users that simply leave their
phones unsecured is disconcertingly large. With Skip and Skip dots, PINs might
be less of a hurdle for users.
Looking Ahead
We spend a lot of time on SecurityWatch considering how to handle
worst-case scenarios, rather than preventing them. Personally, I've been pleased
to see phone manufacturers start taking a more proactive security stance,
particularly for the physical security of devices. Google launching the Android
Device Manager last week, and rumored updates to the iPhone warm the cockles of
my heart.
But it's still just a start. Biometrics haven't made significant inroads on
any device, and forthcoming technologies like Google Glass still seem a long way
from being secure. Hopefully, the brains behind the electronic toys will
continue baking in device security.
没有评论:
发表评论