Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Bitcoin Discussion
Re: Biometrics and Bitcoin
by
Mylon
on 17/06/2013, 18:55:09 UTC
Quote from: betafall on June 15, 2013, 02:11:41 AM
We are an EDGE Innovations think tank out of Montreal for General Dynamics

We have prototyped a portable (soon to be wearable) Biometric device with the following features:

  • Biometric 3 factor authentication - (Something you "have", Something you "know", Something you "are")
  • Communication via USB, Bluetooth, RFI, & Wifi
  • Onboard biometric database and management software
  • Stand-alone unit, untethered, and contact-less
  • ATMEL encrypted chip for sensitive information
  • Device is powered by a 32 BIT Cortex CPU
  • Biometric system is powered by Authentic chip

Our product was demonstrated as a Biometric, bluetooth login device for a Windows system last week at the Toronto Bitcoin Community Meetup.
We are reaching out to the Bitcoin community to see possible applications for our product, which direction we should go and to get some discussion going regarding Biometrics and Bitcoin hardware.

While being very interested in this, I ofc have my concerns.

I would love to use this thing as an hardware wallet, however in order to do safely, I would pull out this:
Quote
  • Communication via USB, Bluetooth, RFI, & Wifi
Wifi & Bluetooth are flawed in design, not thinking about security, and way to easy to be attacked by a middleman. RFI I don't have enough experience with, however unless using the latest version of it, I believe its been hacked already too.

Then we would only have USB left, which is imo not an ideal way to pay in a shop.

What we need is a Wireless technology, that is designed to be secure. (like https, ssh, etc etc)


Lastly, while I like 3 factor auth, I'm not really sure how "something you have (like an ID card)" could benefit here, as having the id card in my left pocket, and the device in my right pocket, kinda defeats the purpose of something you have. (imo, something you have security, only works when your not constantly near the thing/location that it needs) (feel free to prove me wrong here)

As to spark an idea in you guys, a combination / randomization of the "Something you are" would be something I really love to see. (asking for either left or right eye for retinal scan, and asking for a specific finger for fingerprint) (just in case someone tries to copy one, now they would need all, a lot harder to get)

And in case you missed it, this stuff is great for hardware wallets.