Biometric security has been employed in computers for a number of years, but until recently the sheer mention it being used in a smartphone may have brought funny looks. However, with Apple seemingly poised to couple biometric scanners with NFC following its $356 million acquisition of Authentec, that may all change.
PIPA Solutions — a London-based company that calls itself a “leader in enterprise-level biometric security” — aims to steal a march on Apple and its rivals by launching a new crowd-funding campaign on Indiegogo, seeking $100,000 to fund development and manufacturing of its new PIPA Touch fingerprint scanner.
The PIPA Touch intends to bring “strong, simple, multi-layered fingerprint security” to smartphones, with the team announcing cases for both the iPhone 4S and iPhone 5, as well as the bestselling Samsung Galaxy S III (it supports any iOS/Android/Windows Phone device via Bluetooth, but doesn’t currently have dedicated cases for these devices).
It operates by pairing a Bluetooth fingerprint scanner with protective smartphone covers, integrating wirelessly with the device’s locking system and opening it up using a fingerprint scan. PIPA Touch is able to tie the scanned fingerprints to a 16-character alphanumeric passcode and secures everything within the scanner module using military-grade encryption, meaning the scanner can wirelessly wake the phone and enter the stored passcode.
However, PIPA isn’t content with offering a single solution.
Although it’s highly improbable, fingerprints can be copied. In order to protect your device should such a random thing occur, PIPA has also added an additional authentication by way of a multi-finger sequence, which operates as the fingerprint equivalent of a passcode. Your fingerprint might not change, but the sequence can, meaning you are in control at all times.
While the solution revolves around your smartphone, the fingerprint scanner will also support PIPA’s new cloud-based platform — known as ‘Password Bank’ — which is capable of authenticating passwords and text-entry boxes on the Web using your smartphone. All of the authentication is handled by PIPA’s SDK, which the company hopes will get developers on board to launch apps that integrate with PIPA Touch or adapt existing apps to add an additional layer of security.
“By taking the wireless technology built into PIPA Touch and integrating it with our cloud-hosted Password Bank, you’ll be able to log in to any secure site after entering your biometric scan sequence,” says PIPA software engineer Peter Lamb. “Password Bank lets us create long, complex passwords for our accounts then forget them.”
While only three devices are supported at launch, PIPA hopes to release solutions for all iOS, Android and Windows Phone smartphones, helped by the fact the Bluetooth scanner can easily be ported between different cases.
“PIPA Touch is the biometric scanner our smartphones have been waiting for,” says Project Founder Sher Khan. “When it comes to securing our digital lives, passwords just don’t cut it anymore. We want something as strong, simple, and as mobile as we are. We want freedom to roam.”
“Exchanging ideas and sharing a dialogue with your end-users is why we were so gung-ho on taking our project to the crowd. Our team can only think up so many ways to make our product great. With crowdfunding, you get to access a deep well of talent and perspectives. We can’t wait to see where our supporters help us go from here.”
PIPA says the fingerprint module has its own battery, which lasts up to five days (based on use tests involving 100 scans per day). It can be charged using a standard USB cable.
It remains to be seen if the project will resonate with consumers. Biometric solutions are still mainly enterprise-focused and are often slow to authenticate. There is also the annoying realisation that a smartphone case can be taken off the device, leaving it with the basic security it once employed.
However, PIPA does have case removal covered. From the Indiegogo project page:
If you needed to access your device and no longer had your Fingerprint module, there are two options. When you register your fingerprints and sequence on your PIPA device, you will be given a randomly generated 16 character alpha-numerical password. You can write this down and place it under lock and key in a secure place for emergencies. Or you can choose to rely on us to save it securely in the cloud.
If you ever need to acquire this password, you will need to pass industry standard security questions, after which we will post the password to your registered address. We will also send email warning that we received a request for your strong-password.
That said, the project does tout more features than just an easy way to unlock your device. By taking it to the cloud, it can help do away with additional password managers, and there is scope for its use case to change as developers get on board.
Funding for PIPA Touch starts at $59, with a total of seven perks available. PIPA says that if it reaches its funding goal of $100,000 it will be able to make an initial production run of about 1200 units, which are scheduled to reach pledgers by 2013.