How Apple and Google will kill the password
Prediction: Your phone is about to become a universal biometric ID and debit card
Computerworld - Imagine sitting down at a public PC, surfing the Web, visiting Facebook, checking your online bank account and buying something on Amazon.com -- all without entering passwords or credit card information.
It gets better. You get up and leave without even logging out. Some shady criminal type sits down at the same PC and finds his attempts at cracking your password foiled at every turn. Your accounts can't be accessed because your phone is no longer on the desk.
It gets better still. Hop in your car and press the "Start" button -- no key necessary. The car knows it's you after you wave your phone over the dashboard, and it adjusts the driver's seat and steering wheel just for you.
On your way to work, you swing by Starbucks to grab a Trenta Iced Cafe Mocha with whip. To pay, you wave your phone over a terminal on the counter, grab your drink and head for work.
Arriving at the office, you sail past security with doors unlocking automatically as you approach them. When you walk into your office, the lights and PC come on auto-magically.
But what's this? While you were out, IT replaced your old-and-busted PC with the latest and greatest. The PC is a blank slate, and it's unaware of your data or settings. No worries. Just drop your phone on the desk, and the system instantly implements your settings and begins downloading your work documents from the cloud.
While all this is happening, a co-worker walks in talking smack about the game yesterday -- and the ill-advised bet you lost. You owe him $10, so you both pull out your phones. You launch an app, type in the number 10, and tap the phones together to transfer the money.
All this has taken place without a single password or credit card.
The magic happens when you can combine a biometric ID system (which uses some kind of scan from a smartphone to verify that you're actually in possession of the device) with a secure short-distance wireless communication technology that other devices (cash registers, PCs etc.) can read.
What's wrong with passwords?
Why do we need a new ID system? Because most users don't create secure passwords, and they can't always remember the ones they create.
On any public system -- like, say, Facebook -- if a hacker tries the 20 most common passwords on enough accounts, he'll eventually break in. Any two-bit suburban script-kiddie can download free software to crack the majority of passwords on a public system within hours.
Many people use a single password for all accounts. Once a hacker gains access to the password, he can wreak havoc, steal your identity, destroy your credit, ruin your relationships and expose your secrets.
Password protection -- or lack thereof -- is the IT industry's dirty little secret. Passwords are a broken and obsolete model, yet everyone relies on them and pretends they do what they're supposed to do.
The obvious password replacement is biometric identification -- the use of a system capable of recognizing unique physical attributes, such as fingerprints, iris patterns or voices.
Far too many people don't trust biometrics because it feels like Big Brother technology. But I believe that if the biometric system resides on the user's cell phone, and is under the user's control, such technology would be far more acceptable to the public.
How Apple will kill passwords
Apple doesn't discuss future product plans, but it appears likely that the company is aggressively pursuing the development of technologies that replace IDs, passwords and credit cards.
Two years ago, Apple was in the news for patenting a range of biometric ID tools for the iPhone, such as a voice recognition system, a retinal scanner that uses the phone's camera or, most likely, a system that uses the screen to scan fingerprints.
Last year, Apple hired an expert in Near Field Communication, or NFC, to head up the company's Mobile Commerce department. NFC is technology that enables the transfer of data over distances of just a few inches -- a model that's far more secure and reliable than, say, Bluetooth. Other inside sources have been quoted as saying that Apple plans to build NFC into the iPhone 5.
- The Apple-ization of the Enterprise: Understanding IT's New World Read this paper for how to tackle Apple-ization (and the related consumerization of IT and Bring Your Own Device/BYOD).
- A Practical Introduction to Enterprise Mobility Management Read the white paper to better understand the basic concepts within mobility management and to learn how you can apply EMM technology to...
- Enterprise Mobility: A Checklist for Secure Containerization The advantages and disadvantages of the multiple approaches to containerization. Learn More>>
- Enterprise Endpoint Backup Checklist Read this checklist to learn how to create a back up strategy to quickly and easily protect your endpoint data.
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Mobile Security: Containerizing Enterprise Data In this on-demand webinar, Fixmo's Lee Cocking, VP of corporate strategy, explains why Apple-ization trends like mobility and "bring-your-own-device" (BYOD) are driving the... All Mobile/Wireless White Papers | Webcasts