Passwords are prehistory. Passwords are dead. We’re going to end passwords. Sounds familiar? Google probably has millions of results for each of these searches. Yet, for as long as I can remember – since the rise of the World Wide Web at least – passwords have been fingerpointed as the flaw in this otherwise amazingly well engineered system. Read More
Following Apple’s introduction of a fingerprint sensor on iPhone 5s in 2013, smartphones increasingly come with a biometric sensor. Market research firms expect that 100% of the installed base will have some form of embedded biometrics by 2020 – this is not yet a commodity, but it will come fast. inWebo has therefore upgraded its solutions to support biometry as a second factor. This option is available on request to all customers, existing as well as prospects still evaluating inWebo (free trial).
Upon activation of this option, it offers 2 alternatives, “biometry enabled” or “biometry forced”. The former applies to services that require users to enter a PIN as a second factor. Users who opt for it replace that PIN with biometrics. The latter mandates biometry as the second factor, therefore adding the authentication service on a smartphone will succeed only if that smartphone has a fingerprint sensor.
Biometry as a second factor can implemented with
- inWebo Authenticator version 4.2.0 or higher. The App supports Apple TouchID, as well as fingerprint sensors on Android Marshmallow (6.0+) smartphones.
- inWebo mAccess version (0.)2.8 or higher. Developers can use mAccess library to support fingerprint biometry in their App but also virtually any kind of biometry (voice, face…), as long as it is implemented with a “match on card” mechanism (i.e. the biometric data is stored and verified locally on the smartphone). The mAccess library documentation on inWebo developer website provides a complete implementation for fingerprint sensors.
The biometry as a second factor option can be requested by checking a box when you create an evaluation account (here), or when you upgrade a basic plan to a premium one (there). You can also ask our solutions experts about it.
The search for alternative, safe, easy, and inexpensive user authentication methods has become a very central question due to the rise of attacks targeting and defeating user passwords (see e.g. link). However, “inexpensive” at the Internet scale is contradictory to “safe”, so the search for better compromises than passwords looks both like a Graal quest and squaring the circle. In this post, I look at how secure the proposed alternatives are. Read More
Rumors that Apple would integrate a biometric sensor in its future iPhone are even older than Apple’s acquisition of Australian fingerprint technology company Authentec in July 2012. These rumors inflated this summer, to the point that they seemed less rumors than a well distillated teasing by Cupertino.