“There are only three ways to identify a person, namely: something you know such as a password or PIN; something you own such as a credit card or mobile phone; and something you are such as a fingerprint or retinal scan. The idea behind two-factor authentication is to bring two of these methods together to introduce a much stronger level of security.”
So tells us SecurEnvoy co-founder Andy Kemshall, whose company is one of the leading lights in this particular area of digital security. The idea is simple: if one of the methods is compromised – say, somebody pinches your credit card – the remaining method will prevent it from being used, and protect you long enough to take action.
SecurEnvoy makes two-factor verification systems for mobile technology, with its OneSwipe system allowing you to use a simple PIN/mobile device combination to unlock apps and login to sites on your computer; there’s no need to key in a long password. At the moment, the mobile device displays a one-time QR code on its screen, which can then be read by the computer’s webcam – but very soon SecurEnvoy promises to make the process even simpler.
Yep, you’ve guessed it: NFC. Why go through the bother of pointing your phone at your laptop’s camera when you can simply enter a PIN then tap the two together to authenticate? Of course, you’ll need a PC with its own NFC chip for this to work, otherwise you’ll be back to using the QR code/webcam method.
The company is first bringing the NFC technology to Windows 10 phones, tablets and laptops – but other devices are on the horizon. Android phones and tablets are getting the NFC flavour of OneSwipe later this year, as well as iOS devices if and when Apple opens up its NFC chips for third-party app use; and beyond that Kemshall tells us that there are big plans for smartwatches, including the Apple Watch: “Most smartwatches work on the basis of an extension of the app that runs on the corresponding smartphone, and SecurEnvoy will be leveraging these standard extensions to include the largest possible number of wearable devices. We’ll be leveraging a combination of NFC if the watch supports it, or a QR code displayed on the watch interface or a simple six digit code, again, pushed to the watch’s interface.”
So there you have it: in addition to keeping you constantly updated with notifications, tracking your heart-rate and, er, telling you the time, your smartwatch will also be able to log you in to your online banking service, Facebook or authenticate app purchases.
NFC OneSwipe is currently in prototype, but will be demoed at the RSA conference, which takes place next week in San Francisco. Expect more news concerning a release date then.