The perfect password? You've put your finger on it
From CNET Magazine: Fingerprint readers, which are more convenient and more secure than passcodes, could finally do away with the weakest link in almost any security system.
It's a common occurrence. I grab my iPad, place my thumb on the home key and wait for the main screen to pop up.
And nothing happens.
I often forget my 3-year-old iPad came out before Apple embraced the fingerprint sensor. But it's a testament to how conditioned I am to unlocking my iPhone 6 with my finger that I expect the same convenience from my tablet. It's only after a moment that I -- slightly embarrassed and annoyed -- tap in my passcode.
I doubt I'm alone. Thanks to newer smartphones and tablets from Apple and Samsung, fingerprint sensors have gone mainstream. And in May, Google said it will also support sensors in its Android mobile operating system. It's easy to see why. These sensors are more convenient than a numeric passcode. They're also a lot more secure.
A fingerprint is difficult (but not impossible) to steal. And because verification happens right on the tablet or smartphone, your fingerprint information doesn't travel online, where it could get nicked. Passwords, on the other hand, are the weakest link in almost any security system. Their vulnerability lies, in part, on password overload -- a symptom of our logging in to dozens of websites, each requiring a user ID and password.
ADVERTISEMENT
Experts say each password should be unique. Raise your hand if you use the same password for almost every website you visit. That's a big problem, because some of those sites have strong security safeguards, others not so much. Hackers who steal passwords from one site can, with a little time and patience, get into the online equivalent of Fort Knox.
But they can't easily steal your body's unique biometrics. (Emphasis on "easily," since skilled hackers can replicate fingerprints from a photo.)
That's why fingerprint sensors serve as the crux of all new mobile-payment systems.
"Your fingerprint is one of the best passwords in the world," Dan Riccio, Apple's head of hardware engineering, says in a 2013 promotional video for the iPhone 5S. "It's always with you, and no two are exactly alike. So it made perfect sense to create a simple, seamless way to use it as a password."
Mobile-app makers have been quick to capitalize on Apple's Touch ID. These include developers of financial apps, like Mint and American Express; shopping apps, such as Rent the Runway and Amazon; and file-sharing apps like Dropbox. By 2019, people will be downloading fingerprint-enabled apps more than 770 million times a year, according to Juniper Research.
The Apple effect
Back in 2004, IBM was the first company to include a built-in fingerprint reader with a PC. Seven years later Motorola was the first to add a sensor to a smartphone. But its sensors weren't always accurate and required users to swipe their finger -- an extra, unnatural gesture that sometimes worked, sometimes didn't.
Apple's innovation in 2013 was making fingerprint reading dead simple to use. It did this by placing the sensor beneath the iPhone's home key and taking advantage of a gesture everyone already uses: resting your finger on the button. That, along with more reliable fingerprint-recognition technology, helped kick biometrics into the mainstream.
"The integration into mobile devices is really a big step forward for overall adoption and trust of the technology," says Daniel Hays, a consultant for PricewaterhouseCoopers. "Fingerprint scanning is the choice du jour because it's easy to understand and interact with."
Samsung added a similar touch sensor in its Galaxy S6 smartphone. Others are expected to roll out fingerprint readers this year and into 2016, says Rick Bergman, CEO of Synaptics, which makes the sensor used in the Galaxy S6. He declined to say who those vendors will be.
Death to passwords
Most tech companies will tell you passwords are lousy at protecting your data. The most commonly used password is "123456," according to password-management application provider SplashData. The next most popular? "Password."
Even complicated passwords can be stolen, because they're stored online. That's created a booming market on the so-called Dark Web, where hackers buy and sell passwords. And remember, a password pinched from one site will often open dozens more.
That's why heavy hitters such as Google, Microsoft, Samsung and Visa are banding together to figure out ways to get around the password -- with fingerprint recognition a key alternative.
Fingerprint readers, however, aren't the end-all, be-all of security. They're not completely accurate. They could potentially accept forged fingerprints. They are only as safe as the security used by your bank, retailer or card company. And, as with everything else, they will eventually be hacked.
But for all the security talk, being able to rest my finger on my iPhone and watch it come to life is good enough -- for now.
How stupid is your password?
These are the top 10 most commonly used passwords from 2014. Do you recognize any of them?
1. 123456
2. password
3. 12345
4. 12345678
5. qwerty
6. 123456789
7. 1234
8. baseball
9. dragon
10. football
This story appears in the summer edition of CNET Magazine. For other magazine stories, go here.
Featured Video
Google, HTC vets turn to consumers to fund a cloud-based smartphone
Startup Nextbit launches its first smartphone as a Kickstarter project. Early commitments will nab the device, named "Robin," for $299.
One startup will leave the fate of its first smartphone up to the people.
Nextbit, run by executives who formerly worked at Google and HTC, launched on Tuesday its first smartphone -- named "Robin" -- through a crowdsourced Kickstarter project. The company will hold a 30-day campaign with the goal of selling at least $500,000 worth of products.
Early takers will be able to nab Robin for $299, while other Kickstarter participants can purchase the smartphone for $349. The smartphone, however, won't be released until January, and will retail for $399 at that point.
It's the latest attempt by a smartphone maker to bring a product directly to consumers -- with Nextbit taking an even more extreme approach through Kickstarter. The Robin is one of a new wave of smartphones attempting to style themselves under the mantra of an affordable, yet premium smartphone. Nextbit's Robin promises to have many of the same bells and whistles as Apple's iPhone, which starts at $650 without a contract.
"The lower you go, the more people you reach," Nextbit CEO Tom Moss said in an interview last month.
Normally, you could ignore a startup with promises of a super smartphone stacked with the latest specifications. But because of Nextbit's pedigree, you can at least keep an open mind about the little-known company. Moss and Chief Technology Officer Mike Chan both worked at Google on the company's Android project in the early days, while Chief Product Officer Scott Croyle led the HTC team that launched the critically acclaimed One M7 and M8 smartphones.
Virtual storage
The marquee feature of Robin (a gender-neutral name picked because it was deemed "friendly and approachable") is its storage. While Robin comes with 32 gigabytes of internal storage, it boasts a total of 100GB of storage when factoring its ability to tap into the cloud for additional resources. That's enough space to store the high-definition version of "The Lord of the Rings" trilogy -- five times over.
It's when you fill up the first 32GB that Nextbit works its magic. To save space, Nextbit will move apps, photos and other files that you haven't accessed for a while into the cloud -- that is, off the device in your hands and onto computers you access over the Internet. While an icon for an offloaded app remains on your phone, it's grayed out as a "shadow icon" to indicate that it's being held for you.
If you need to access an app, the phone will re-download it with all of your settings and account information intact. Likewise, thumbnails of your photos and videos will remain on the phone, while the actual file sits on the cloud waiting to be accessed.
Over time, the phone will learn your preferred apps and files and will figure out which ones to store in the cloud, Moss said.
Nextbit said it will wait until the smartphone is on a Wi-Fi network and plugged in to an outlet before it does any uploading or downloading, although users can opt to force a download as long as they have a signal.
"I'm very anal about power management," Chan said.
High-end specifications
A rundown of Robin's internal specifications finds a smartphone in line with other premium devices in the market.
Nextbit has struck a deal with Foxconn, the same Chinese smartphone manufacturer that constructs Apple's iPhone, to build Robin.
The smartphone boasts a 5.2-inch full high-definition display, a 13-megapixel rear camera that Croyle boasts can focus on subjects faster, a 5-megapixel front-facing camera, 3GB of RAM to handle multiple applications at once, a 2,680 mAh battery, an NFC (near-field communication) chip to allow for mobile payments and a smaller USB Type-C port to connect a charger or cable to link your PC. It employs the same high-end Qualcomm Snapdragon processor that powers the LG G4 smartphone.
Robin also features a fingerprint reader built into the home key, which is located on the right side of the phone. Nextbit comes with an unlocked "bootloader," which allows you to fiddle with Robin's software for drastic changes. Unlike other smartphone vendors, Nextbit said it would honor the warranty no matter how much you tweak the software on the phone.
The smartphone will ship with Android Lollipop, and the company is working on using the latest version, Android Marshmallow, Chan said.
Initially, Robin comes in two colors, a black version with dark blue highlights on the top and bottom, and white version with aqua highlights. In the rear is a cloud logo with four small LED dots that light up whenever you move something to your virtual storage.
Robin opts for a simple design with sharp angles. Most of the phone employs metal injected with plastic and a paint overcoat, while the end caps at the top and bottom are made from plastic with a rubber feel to them.
The phone will initially work on AT&T and T-Mobile, and Nextbit is working on compatibility with Verizon Wireless and Sprint.
Community outreach
The launch of Robin is just the beginning for the smartphone. Croyle said Nextbit has plans to improve the performance of the phone over time through software tricks.
That's a bold promise -- one that Nextbit needs as it hopes to stand out in a crowded room filled with other flashy smartphones. Unlike other big names like Motorola and Samsung, no one has heard of Nextbit. That's a problem in an industry where name brand provides a significant advantage.
Moss hopes to build a connection between consumers to spur interest in his product, saying the relationship with the customer will "make or break" the company. It's partly why Moss wanted to go with Kickstarter -- he said that the 30-day campaign would allow him to gather consumer feedback on the product and demand.
"We want to engage with the community early," he said. "We want to get them pumped and excited."
No comments:
Post a Comment
Please leave a comment-- or suggestions, particularly of topics and places you'd like to see covered