This is pretty amazing -- they gave me Skype-based demo when I was being briefed -- much like the YouTube video above -- it's amazing to see someone tap on an application like Facebook and the application "looks at you" and recognizes you and grants you immediate access.
And the higher security stuff that also requires voice identification -- and that works even in noisy environments -- is really rather clever.
>> The idea of having the security verification on the device, rather than in the cloud, has a lot of appeal.
That is the most important improvement in security in the last 5 years. The premise is that unless you have control of the hardware, you cannot get access. No one has respected the patent because it was a bad guy Kim DotCOM that filed it many years ago. Everyone is violating it. That happens when a hacker files a patent on how to protect from hacking.
@betajet: Well, it wouldn't be very secure in my case. My mother says "all bearded men look alike"...
I've seen your beard -- very impressive -- I'd recognise it anywhere LOL
I posted your point to the folks at Sensory, and they replied as follows:
The more hidden the face the less accurate the vision will be, however this is a big reason why we use dual biometrics. A similarity in face—as for example, 10 heavily bearded men, would not affect the voice component--the voice verification component will still prevent a similar looking person from getting in. This is a big reason why we use the dual biometrics of combined voice and vision.
@goafrit: Hope it can decipher when there is threat and the voice changes. People seem to speak differently under threat than in normal times.
Good point -- I guess it deprends what the threat is:
a) If someone is pointing a gun at your head telling you to say your secret phrase, then you may (or may not) be relieved when your tablet computer refuses to accept your voice signature.
b) If you've just discovered a bomb and you wish to alert the authorities, you'd probably be a tad disgruntled if your smartphone decided it wasn't you talking.
Having said all this:
i) The changes that someone will be holding a gut to your head to gain access to the games on your iPad are slight.
ii) You will probably be able to make emergency calls without logging on.
iii) I'm sure you can always fall back on entering a PIN or password.
iv) These are still the early days -- in the future the device may have multiple cameras and it may be able to work out that you are under stress and why you are under stress and take appropriate action (like calling the authorities on your behalf)
One interesting concept of security and especially for crypto systems is Shamir's Law which states that security / cryptography is not broken / cracked but bypassed and there are many examples of this holding true.
I think most users will find the convenience vs. security trade-off a worthwhile one. True, a combination of facial recognition plus voice recognition is not completely secure, but neither is the 4-digit PIN if someone looks over your shoulder while you enter it. The number of times per day the average smartphone user needs to do this is enough to become annoying, so a faster method that has "good enough" security will be a welcome improvement.
There was a recent story about the voice control on the Xbox One that is a good reminder about potential problems with this security paradigm. The latest commercial has an actor bringing up his box with the "Xbox on" command. The problem is that apparently Xbox Ones were turning themselves on when hearing the commercial. A video of a user saying the password might just do the same here. One possibility might be to have the tablet ask a simple question as a secondary check. That would make a recorded crack harder.
@LarryM99: Mythbusters did a show where they hacked fingerprint readers with a xeroxed copy of a print.
I remember a short science fiction story from long ago (Asimov perhaps?) about something like this -- someone (turns out to be a good guy showing how th esystem can be broken) kidnapping a rich person and using his fingerprint and iris scan to buy all sorts of goods.
The fascinating / scary thing about the hacker world is how the most complex security can be beaten by the simplest things. For example, here's a video of a $160 hardened bike lock being picked using a Bic pen (https://www.youtube.com/watch?v=LahDQ2ZQ3e0). The instructor for the hacking training that I took was teaching his 5-year-old daughter to pick locks. She was opening 5-tumbler locks at that point.
Computers (including smartphones and tablets) are complex beasts, which makes them all the more vulnerable.
@LarryM99: The instructor for the hacking training that I took was teaching his 5-year-old daughter to pick locks.
I must admit that I'd love to know how to pick locks -- not that I have much call for it in my day-to-day life, you understand -- but I'm sure it would be a useful skill when the day of the Robot Apocalypse (or the Zombie Apocalypse) dawns.
@Adam-Taylor: "security / cryptography is not broken / cracked but bypassed"
About 10 days ago I assisted to a conference and round-table hosted by Telefonica/Movistar (the biggest Spanish telecom provider) about enterprise-level security in information technologies and this was stated and exemplifed by most of the VIP attendants, including a world-class hacker, the boss of security systems at Telefonica and the Navarra Autonomous Police chief officer.
I got really scared when I heard how easy an "unbreakable" system can by bypassed by skilled hackers.
I forgot to mention in this column that a simple photo of the person won't work -- the system is also looking for little muscle twitches and eye blinks and suchlike to know that it's looking as a living person.
It seems to me that the changes in faces associated with lighting, changed facial hair (shaving beards), injuries, and aging make the face a moving target. For the algorithm to be flexible enough to tolerate those changes suggests that a mask or video image might also pass. Likewise, our voices change with stress, illness (that heavy voice that comes with a cold), and perhaps even mood. I'd guess a good recording would be more reliable than the live person. Face and voice recognition strike me as less reliable than a fingerprint reader (which could be placed on the blank back of the smartphone to save real estate).
@DrQuine: It seems to me that the changes in faces associated with lighting, changed facial hair (shaving beards), injuries, and aging make the face a moving target.
The one thing about the folks at Sensory is that they are extremely good at what they do -- I hope to visit their labs one day and really sit down with their techno-weenies and ask about stuff like this.
Your post is very informative. Smartphone security is very necessary for all. Many users put some important data on it. Now many electronic companies provide anti theft systems for smart phones. Shopguard Canada is a popular company for this service.
What are the engineering and design challenges in creating successful IoT devices? These devices are usually small, resource-constrained electronics designed to sense, collect, send, and/or interpret data. Some of the devices need to be smart enough to act upon data in real time, 24/7. Are the design challenges the same as with embedded systems, but with a little developer- and IT-skills added in? What do engineers need to know? Rick Merritt talks with two experts about the tools and best options for designing IoT devices in 2016. Specifically the guests will discuss sensors, security, and lessons from IoT deployments.