Feral Jundi

Tuesday, June 8, 2010

PMC 2.0: Biometric Security For Mobile Devices

     I am digging this, because if government or private industry wants to fully integrate mobile devices into their operations, security is paramount. Any means of either shutting down a device remotely or automatically if it is breached, stolen or lost, is a good idea.  I could also see a bio-button having application for other tools of this industry.

     For one, a bio-button could be used to control the fire control mechanism of a sidearm? Meaning if someone takes your weapon or god forbid you lost it, then it would not be capable of firing because it is outside of the range of the bio-button.  Just don’t lose the bio-button! lol You could also apply the bio-button concept to vehicles, safes, entry points, you name it. Although I would put a manual over ride on the button, just incase there is a problem or an attacker uses some kind of electronics frying weapon. Cyber warfare comes to mind with these kinds of devices as well, hence why it is so important to have a strategy within the organization to deal with these threats.

     One cool thing with losing the bio-button according to these guys, is that you can shut down everything remotely using a computer. The other handy feature is the button can be set up to vibrate if for chance, whatever you are tracking has gotten out of your range.  You could also use such a device for close protection, and have a specialist carrying the button and the principal having the mobile device.  Lot’s of uses for something like this. I could also see bio-buttons being integrated into every day items that we keep on us anyways.  A watch, a necklace, a ring, sunglasses, etc.  I look at a device like this as adding redundancy to your sensitive/valuable equipment management system. I don’t look at it as way to shirk personal responsibility towards managing your stuff, but it could definitely help.

    It can also help companies to ensure their stuff is being taken care of by their employees or contractors.  If the device can be shut down remotely, well then it can be monitored remotely as well.  A company can tell if an employee or contractor has that equipment within their reach or not, and this is just one more way of insuring accountability of that equipment.  Stuff to think about and this is definitely PMC 2.0 material. –Matt

—————————————————————–

 

Microlatch ID me Solution

The new Bluetooth ‘bio-button’ mobile security system

Microlatch and a Sydney based development group has created a system that will conveniently and effectively shut down internet fraud, at the same time create a convenient all in one, secure mobile phone (or mobile device) solution to access control, mobile banking, online shopping, home automation, alarm systems, computer and network logins and any number of customised access or login scenarios.

This innovative, patented, three factor securi ty approach using biometrics to provide positive ID in conjunction with mobile phones using a bluetooth interface will allow users to harness the processing power of the modern mobile device in a convenient yet secure form.

User controlled and ‘user friendly’, this method of ensuring positive ID via a biometric ‘Bio-button’ wirelessly ‘paired and tethered’ to a mobile device resolves the security risks inherent with keeping the ‘registered users’ biometric data and digital keys stored on such devices.

For example, a convenient ‘one time’ biometric authentication via the separate ‘Bio-button’ to a ‘smart phone’ allows the user to make full use of the enormous computing and processing power now available in this type of mobile platform.

By utilising the processing power and wireless connectivity available to users via such devices, the ‘id-me’application will allow users to configure various levels of security thereby providing the user customised, secure physical access but also allowing expansion into ‘positive ID’ security for financial institutions, online payment systems, online shopping, contact-less payment systems etc.

The system utilises a patented, wireless connection method using a ‘Bio-button’ paired and tethered to a mobile platform. The token when released will be about the size of a large coin, the user authenticates the device when switching the mobile device on and establishes an ‘authenticated’ connection that then ‘tethers’ the ‘Bio-button’ to the mobile device for as long as determined by the user.

Once tethered the ‘Bio-button’ can be placed conveniently in a pocket, or a bag and as long as the ‘Bio-button’ remains in the range of the mobile device, the authentication will remain active.

This means that if the phone or mobile device is stolen or is moved away from the token then the pairing is disconnected and the authentication broken.

A side benefit to this scenario is that ‘Bio-button’ would vibrate if the pairing is broken, signaling the user that they have been separated from their mobile equipment. Should the ‘Bio-button’ be stolen or inadvertently lost (or left behind) then the mobile device when configured correctly will also signal the user. For example the phone would ring, vibrate or place a message on the screen or a combination of all three when separated from the ‘Bio-button’.

Whilst the ‘Bio-button’ remains ‘in field’ of the mobile device, the device is ‘biometrically authorised’ to access any number of access controls or secure transactions via a convenient, software interface and utilising any communication connection available to it through the mobile device…such as WiFi, bluetooth or even physical connections such as USB.

If the mobile device is stolen, the pairing is broken and the encrypted contents of the ‘mobile device stored’ digital keys cannot be accessed.

The application will be designed so the user can safely make an encrypted backup of their stored keys. This backup can be downloaded onto a new mobile device and easily activated via the original ‘Bio-button’. To ensure a complete satisfactory user experience with the ‘id-me’ solution, the ‘Bio-button’ will also act as a ‘user configured’ emergency ‘set of keys’ in manual, ‘stand alone’ mode. Additionally, should the user be presented with a ‘worst case scenario’, a ‘tethered’ mobile device and ‘Bio-button’ being stolen simultaneously then the user, through a secure, registered website can remotely ‘break the tether’, thereby rendering the contents of the mobile device safe and completely inaccessible to the ‘would be’ thief.

Link to website here.

——————————————————————-

New solution offers biometric security to mobile devices

Published 8 June 2010

Aussie company offers a biometric security solution for mobile devices; a Bio-button token is authenticated by the user, and as long as the Bio-button remains in the range of the mobile device, the authentication will remain active. This means that if the phone or mobile device is stolen, lost, or moved away from the token, the pairing is disconnected and the authentication broken.

As more and more people use mobile devices even for sensitive transactions, the need to offer security solutions for such transactions becomes more urgent. A solution from Sydney, Australia-based Microlatch caught our eye. The company recognized this need, and is offering a new Bluetooth “bio-button” mobile security system. Microlatch says it has created a system that will conveniently and effectively shut down Internet fraud while, at the same time, creating a convenient all-in-one, secure mobile phone (or mobile device) solution to access control, mobile banking, online shopping, home automation, alarm systems, computer and network logins, and any number of customized access or login scenarios.

The patented, three factor security approach uses biometrics to provide positive ID in conjunction with mobile phones using a bluetooth interface.

The company says that this method of ensuring positive ID through a biometric “Bio-button,” which is wirelessly paired and tethered to a mobile device, resolves the security risks inherent in keeping the registered users’ biometric data and digital keys stored on such devices.

The “id-me” application allows users to configure various levels of security. The Bio-button is a token paired and tethered to a mobile platform. The token is about the size of a large coin, and the user authenticates the device when switching the mobile device on to establish an authenticated connection that then tethers the Bio-button to the mobile device for as long as the user wants.

Once tethered, the Bio-button can be placed in a pocket or a bag. As long as the Bio-button remains in the range of the mobile device, the authentication will remain active. This means that if the phone or mobile device is stolen, lost, or moved away from the token, the pairing is disconnected and the authentication broken.

The Bio-button also vibrates if the pairing is broken, signaling the user that they have been separated from their mobile equipment. Conversely, if the Bio-button itself is stolen or lost, then the mobile device, when configured correctly, will also signal the user by ringing, vibrating, or placing a message on the screen — or a combination of all three.

While the Bio-button remains “in field” of (or “tethered” to) the mobile device, the device is biometrically authorized to access any number of access controls or secure transactions via a software interface and utilizing different communication connections available to it through the mobile device, .such as WiFi, Bluetooth, or physical connections such as USB.

If the mobile device is stolen, the pairing is broken and the encrypted contents of the “mobile device stored” digital keys cannot be accessed.

The company says the application will be designed so the user can safely make an encrypted backup of their stored keys. This backup can be downloaded onto a new mobile device and activated via the original Bio-button.

The company notes that the Bio-button will also act as a user-configured emergency “set of keys” in manual, stand-alone mode. Additionally, in a worst case scenario — that is, if both a tethered mobile device and the Bio-button are stolen or lost simultaneously — then the user, through a secure, registered Web site can remotely break the tether, thus rendering the contents of the mobile device safe and inaccessible to the “would be” thief.

Link to story here.

No Comments

No comments yet.

RSS feed for comments on this post.

Sorry, the comment form is closed at this time.

Powered by WordPress