BIOMIO launches open source password-free authentication platform
20 July 2015 11:44 GMT

US start up BIOMIO says that in order for password-less authentication to work, it has to be simultaneously available across all devices, not just a select few

BIOMIO, a US-based start up, has announced it will be open sourcing its core product – a multi-factor authentication (MFA) framework, which includes client and server-based biometric capabilities, as well as other authentication options like one-time passwords and context awareness.

According to the company,stronger authentication has been gaining a lot of attention due to the number of attacks that take over user identities in order to log into systems to gain access to valuable data. Traditional password and PIN-based access control approaches are no longer working due to proliferation of effective attack types that range from phishing, to keystroke logging, to social engineering and brute force, making password theft easier than ever.


BIOMIO commented that the industry has been hard at work trying to identify a solution for this problem with MFA (multi-factor authentication), Single Sign-on Systems, and by forming standards and alliances like FIDO which move authentication into a chip on a cell phone or on a USB stick. Commercial efforts on the consumer side are mostly driven by embedded fingerprint sensor technology like Apple TouchID, as well as newly announced Microsoft 10 support for biometric login (dubbed Hello), specifically using Intel’s new RealSense™ camera that’s well suited for biometric readings.

“BIOMIO team realized that in order for the password-less authentication to work, it has to be simultaneously available across all devices, not just select few, and it has to be engineered in a way where authentication modes can be mixed and stacked up to match the application and the environment,” said BIOMIO’s project lead, Dan Itkis. “This meant that this system had to be engineered right for flexibility and extensibility, and that it had to be completely transparent.”

BIOMIO believes it’s critical that such systems be Open Sourced to gain trust in the methods used for identification/verification, while developers can extend the project to accommodate different systems, verification points, as well as probe devices that are coming out including fingerprint readers, vein readers, eeg bands, and others.

Once the technology is adopted by the open source community, it will no longer be driven and controlled by the device or operating system manufacturers, but will open up to any application or system to take advantage of in its own customer-specific workflow. A bank for example might use it to protect user online logins or clerk logins at the branch, while a hospital might use it to verify an insurance card, an e-commerce provider can use it to verify a credit card, and a restaurant to protect their POS system. The technology convers a broad spectrum of applications which can all converge onto the same platform.

The BIOMIO approach combines fingerprint, face, voice, heartbeat and other biometric measurements to establish a person’s identity as required by the application or a device.

According to the company, its technology can be used with web sites, computer and phone applications, ATM machines, security systems, entry points, test and voting locations, and many other places. BIOMIO is inviting device manufacturers, independent developers, integrators, customers, and all other interested parties to contribute to the project.

 

Industry Events


connect:ID 5-6 Oct 21