Lightfactor, a cyber security startup and new FIDO Alliance member announced today the planned 2016 release of a completely new hardware mobile security solution. The miniaturized device will provide identity and authentication services across mobile platforms, and will be submitted for FIDO certification in the immediate future.
According to Lightfactor’s patent filing: One interface, often overlooked and common to just about all mobile device platforms, is the audio jack--designed for headphones and the like. This interface can be exploited to provide 2-way communications to an accessory while also (optionally) harvesting power from the audio signal itself. By implementing a software audio modem on both the smart mobile device as well as the accessory, reliable data communications can be achieved.
The patent filing continues, the use of an audio jack interface is not ideally suited to powering/recharging the token from harvested power, rather the alternating attributes of the audio signal provide just enough power through harvesting to turn a voltage regulator, or an electronic switch, on to allow current to flow from a battery to the remainder of the electronics contained in the token. Essentially, the present invention could utilize one channel (L/R) of the outbound audio jack interface as a switch itself, while providing two-way communications over the remaining outbound audio channel and inbound (MIC) connection.
The solution, a culmination of several years of research and development, was created to solve a number of mobile security and ubiquity problems that current offerings cannot address. Designed to be small, simple, and inexpensive, the device provides a very high level of security for mobile applications.
"We saw a need in the marketplace for a new kind of mobile identity and authentication solution," said Jeff Cesnik, Founder and President of Lightfactor. "There were no solutions out there that address the needs of the enterprise and government while remaining cross-platform, low-cost and easy to use – so we created Qiwi. Best of all, it uses energy harvesting – so it doesn't need batteries, and never wears out." Dave Atherton, Co-Founder and Chief Software Architect said, "We want to make Qiwi as easy as possible for organizations to adopt into their diverse mobile ecosystems, regardless of their preferred device platform."
Qiwi eliminates many of the risks and issues inherent in other mobile authentication solutions in a cross-platform way. Credentials and keys are stored on Qiwi, not on the mobile platform. Qiwi doesn't use a proprietary connector – it plugs into current-generation iOS and Android phones and tablets without an adaptor. It can be moved from device to device quickly and easily, which is important for people who use multiple devices on a daily basis. Since Qiwi doesn't use radio frequency for power or communications, it isn't susceptible to RF-based attacks. It only operates when it's plugged in.
"We are pleased to welcome our newest associate member Lightfactor," said Brett McDowell, executive director of the FIDO Alliance. "The FIDO vision of universal strong authentication promises better security, enhanced privacy, more commerce and expansion of services throughout digital industries. Lightfactor's addition to our Alliance supports our industry goal to make user authentication easier and safer for all parties."
