Earlier this year, Motorola’s head of advanced technologies Regina Dugan discussed an alternative to the increasingly vulnerable password method for authentication – a “password pill” that would store credentials within the user’s body.
The password pill would transmit an EKG-like signal to authenticate the user with any appropriately equipped device touched by the user. Dugan talked about the password pill much like a one-a-day vitamin.
Most smartphone users don’t authenticate their devices, and those who do limit it to a four-number PIN, because anything longer than that makes it more difficult to check notifications as frequently.
It makes sense, then, for Motorola to introduce a non-invasive version. The Skip, a magnetized clip that can be worn on clothes without the intrusiveness of a password pill, looks like a derivative of the password pill research, providing strong authentication with simplicity of operation. It’s based on NFC technology, the same technology used to secure contactless payments and building access.
The clip-on NFC Motorola Skip at left, and the adhesive sticker versions at right.
The Skip does not at first stand out as something that “you didn’t know you needed until you had it,” but a security-cognizant smartphone user who frequently checks his or her smartphone might jump at it.
Few smartphones employ passwords of sufficient length to really secure the device. Why? The National Institute of Standards and Technology(NIST) recommends a 12-character random password. Those who check smartphones 50 times a day would find a 12-character password annoying.
The Skip is installed from the Google Play store. Once installed, Skip authentication is enabled by touching the smartphone to it. Thereafter, the user only has to touch the smartphone to the Skip to unlock it.
The Skip also comes with three stickers, with embedded NFC tags encoded with the same level of authentication as the body-worn device. Presumably, the user might affix the tags to a desk or an car’s smartphone dock to simplify unlocking.
Losing one’s Skip is not a disaster, because the user can revert to a previously set pattern, PIN or password. Given the ease of the Skip’s NFC-based touch authentication, and the low risk involved with losing it, a user can afford a long, complex and secure password in the event the Skip is lost. Smartphone users can sleep better knowing they won’t be the victim of identity theft if their smartphone is lost or stolen.
The Skip is a good solution for people who have sensitive data on smartphones who want strong authentication, but also care about convenience.