We've all pretty much figured out by now that a username and password aren't always enough to keep what's private safe, especially on the Internet. The new app Bionic Identiy by Bionic Labs taps into an important part of our lives - our social circle to verify who we are.
Trusting another person to make sure we are who we say we are on the Internet...isn't that tricky? Not so say the app's founders. They reason that there's a conneciton between two people that is easy to authenticate via voice, video or text but difficult to replicate.
For especially security-critical tasks, there will be two to three people assigned to verify your identity called 'Guardians', set up in advance on either Android or iPhone devices. A video or audio call lasting ten seconds is made to each Guardian, just enough so the Guardian can naturally authenticate a user's identity. At the end of the call, Guardians will have a simple choice between yes and no in verifying the user's identity.
A trusted circle
Rather than just limit the app to your usual 'circle of trust', Bionic Identity redefines it as a group of people who can verify who you are based on different criteria. Your golfing buddies would know, for instance, what club or course you favour, that time you ran over some celeb's caddy with a buggy or the colour of your favourite golf shirt. Your after-work drinking buddies would know things like your favourite drinking hole, the name of the waiter you argue with all the time and other things unique to that circle.
The verification process does grow stronger when friends are combined from various sources, whether neighbours, followers on social networks or family. Any of these individuals, though, could make mistakes in identifying you which is why there won't be just one person verifying you.
How many Guardians the app needs can be varied according to tasks. For credit card payments, maybe just one or two people. For things like huge transactions or money transfers, maybe three or four.
As to the app's inbuilt security, its makers are using military grade encryption though it does intend to make public the full details and logic behind Bionic Identity's encryption choices as part of peer review.
Interestingly, Bionic Identity has what is called anti-collusion protection to prevent Guardians from trying to game the app to hurt the user.
When will the app be appearing? Likely later this summer, with consumers getting the web and mobile app for free while enterprise consumers will have to pay.
In the meantime, you can try mobile phone apps like Cerberus to give you a little extra peace of mind.