By SOMINI SENGUPTA The New York Timeshow does a machine verify the identity of a human being? irises, heartbeats, fingertips and voices, for starters.迷你倉apple’s two new iphones include a model with a fingerprint sensor that can be used instead of a passcode to open the phone and buy products. it is part of a trove of authenti-cation tools being developed for consumers.among the most novel of biometric au-thentication tools is a new wristband devel-oped by cryptographers at the university of toronto. it contains a voltmeter to read a heartbeat.“you put it on. it knows it’s you. it commu-nicates that identity securely to everything around you,” said Karl martin, one of its cre-ators.Security is a primary selling point of the wristband, nymi. While a heart can be bro-ken, mr. martin promises that a heartbeat cannot.these new technologies arrive against the backdrop of mounting concerns over secu-rity and privacy, as the old ways of verifying identity online have been exposed as risky. many user names and passwords have been stolen from a variety of popular sites, and last month, it was discovered that even passwords as long as 55 characters could be broken.Clef, a start-up firm in San Francisco, has developed a mobile app that lets you send an encrypted key from a mobile app to a desk-top computer. then, the Web site you are trying to enter can effectively recognize you based on your phone, instead of a typed-in password.launchKey, a las Vegas start-up that is in a testing phase, also looks to the mo-bile phone for authentication. you register with launchKey and connect your account to a particular cellphone. then, when you log into a Web site or mobile app that accepts the start-up’s service, it sends a notification to that phone. us-ing an app, you move an icon on the screen to authorize au-thentication.the start-up OneiD, based in redwood City, California, offers a single sign-on that can be used on various Web sites and devices. in a video, an en-gineer at OneiD, Jim Fenton, demonstrated how he used OneiD to open his garage door at home.the weakness of many new internet-connected devices, mr. Fenton said, is protecting secure access.“if you connect all these things to the in-ternet, you need to have good ways — good from a security standpoint and a conve-nience standpoint — good ways to con-trol access to thinmini storages,” he said. “having user names and passwords is not a good solutionfor every device.”biometric authentication tools, like fin-gerprint readers, have already been put in devices like laptops, but they have not always worked correctly. it remains to be seen how well apple’s new fingerprint sensor will work, and whether users will adopt it.at the same time, biometric sensors raise questions of security. When apple’s sensor was announced, skepticism and privacy concerns erupted online even though apple said users’ fingerprints would be stored only on the phone — not sent to online servers or made available to app developers.technologists say just one trick is unlikely to unlock the problem of authentication. One set of tools may verify identity on Web sites; another may unlock cars; still another could grant access to bank accounts.a coalition of hardware and software companies, calling itself the Fido alliance, is working on a set of specifications for pass-word alternatives that the industry can rally around. its guidelines are expected to be released at the end of the year. Companies affiliated with Fido are already testing prod-ucts, like fingerprint readers and software that recognizes faces and voices. One day, users might be able to log into a favorite e-commerce site by speaking into a computer and buy something with a gaze at a mobile paypal app.Facebook has perhaps had the most suc-cess in becoming a one-stop identity verifica-tion service. millions of Web sites allow us-ers to log in with their Facebook credentials, which is also a way for Facebook to get to know you better — and serve you more tai-lored ads. the dangers are obvious. a thief with your Facebook credentials can pretend to be you across the Web.mozilla has been trying to popularize its persona alternative to that single sign-on system. mozilla makes sure your e-mailprovider verifies that the account belongs to you. then, for every site that accepts a per-sona login, you can log in with the original verified e-mail.a more fantastical solution is being devel-oped in a lab at the university of California, berkeley. Computer scientists there say a simple and cheap headset will be able to read your brain waves to verify your thoughts — and save you the work of typing in a pass-word.Devices that can identify a user through a voice or heartbeat.self storage
- Sep 22 Sun 2013 14:14
-
Making sure your machine knows it is you
請先 登入 以發表留言。