News

Google acquires audio ID startup SlickLogin

Warwick Ashford Monday 17 February 2014 08:58

Google has acquired Israeli startup SlickLogin that has developed technology that enables online services to authenticate a user with sound waves.
SlickLogin confirmed the acquisition on its website but did not provide any financial details of the deal.

Online services that use SlickLogin play a unique sound inaudible to humans over a user’s computer speakers which is picked up by the SlickLogin smartphone app and sent back to confirm identity.
SlickLogin's technology uses a combination of protocols, including Wi-Fi, Bluetooth and QR to verify that a user's smartphone is in the same location as the computer being used to access to the online service.
The technology’s creators claim it offers “military-grade” security as everything is heavily encrypted and the sound transmissions will work only with the user’s smartphone at a particular moment in time.
According to the firm’s website, SlickLogin’s three founders are recent graduates of the Israeli defence force’s elite cyber security unit, and have more than six years’ experience working on cutting-edge information security projects.

More on authentication

• IT industry group releases password-killing standard
• Password-based authentication: A weak link in cloud authentication
• Biometrics key to frictionless authentication, says BioCatch
• Alternative authentication: New authentication methods for enterprises
• Risk-based authentication (RBA)
• Multifactor authentication (MFA)
• Best of authentication 2012
• Master VMware identity authentication strategies
• Biometric authentication methods: Comparing smartphone biometrics

The technology can be used either as a replacement for a password or as an additional security layer to enable two-factor authentication.
Google was one of the first online firms to offer two-factor authentication to users, with several others following suit in light of several high-profile leaks of usernames and passwords.
Most two-factor authentication systems in use rely on one time pass cards sent via text message or codes generated by tokens or other special gadgets.
However, text-based systems are vulnerable because if hackers compromise accounts they can change the mobile number set to receive the codes.
SlickLogin eliminates this vulnerability and does not require users to carry around a separate gadget for generating codes as used by some UK banks.
Some analysts expect Google to use the technology to enable two-factor authentication for Android devices and all Google services.
The acquisition is consistent with Google’s goal to enable easier, more-secure online authentication.
In October 2013, Google confirmed that it is planning a two-factor authentication token, and the firm is also a member of the  Fast IDentity Online (Fido) Alliance.
The alliance is an open industry consortium set up to develop standards for simpler, stronger authentication and recently published draft technical specifications for a new authentication protocol.
The Online Security Transaction Protocol could eliminate the use of passwords in the future by enabling the interoperability of a variety of multi-factor identity checks.
These include include biometrics, Trusted Platform Modules (TPMs), USB security tokens, embedded secure elements (eSEs) and smart cards.

Related Topics: Identity and access management products, IT for utilities and energy, IT for consulting and business services, IT for transport and travel industry, Technology startups, IT for manufacturing, IT for charity organisations, IT for telecoms and internet organisations, Privacy and data protection, IT for leisure and hospitality industry, IT for small and medium-sized enterprises (SME), IT for government and public sector, IT suppliers, IT for retail and logistics, IT for media and entertainment industry, Hackers and cybercrime prevention, Healthcare and NHS IT, IT for financial services, VIEW ALL TOPICS

Read More

• Related content from ComputerWeekly.com

  • Twitter strengthens login security after hacker attack
  • Do two-factor authentication vulnerabilities outweigh the benefits?
  • How to address password change frequency, reuse for third-party apps
  • Two-factor authentication options, use cases and best practices
  • Schneier: 'Two-factor security is not our saviour'

• RELATED CONTENT FROM THE TECHTARGET NETWORK

  • Information security podcasts: 2009 archive
  • Speaking of VoIP with Russ Shaw

What is Cyber Security?

The UK along with many other countries have had the threat of terrorism attacks over them for decades and although these threats are still very much active more recently the dangers have also started to move online or into the Cyber space. Cyber-attacks can be in many forms including the internet, telecommunications systems and computer systems. These cyber-attacks are now not only derived from foreign states but from organised criminals looking to defraud, disrupt or destroy the infrastructures of companies for financial or other gains.

Cyber Security is basically the action of countering cyber-attacks from these external threats by implementing IT security measures to stop the attacks before they cause too much damage.

Countries all over the world are now facing an ongoing threats from hostile states, terrorists, hacktivists and criminals operating in this area with the common goal to disrupt so Governments and corporations are looking to implement Cyber Security measures to prevent this.

Due to the nature of this increased risk the need for specialists within the Cyber Security Jobs sector has created a shortfall of qualified candidates.

The shortfall that we now have is providing great opportunities for candidates with an IT exposure to cross train and work within Cyber Security or for 1st jobbers to enter this exciting marketplace and even Graduates recently qualified with newly created industry qualifications.

Some common Job Titles within Cyber Security are: CISO (Chief Information Security Officer, CIO (Chief Information Officer), Ethical Hacker, Cyber Security Engineer, Cyber Security Architect, Systems Engineer, Software Engineer, IT Security Analyst, Information Assurance, Identity Management, Forensic Investigation, Risk Management,  Penetration Testing, Security Architect, Network Security, Security Auditor, Security Manager and many more…

International governments have highlighted that Cyber Security is now as much of a priority to them as terrorism, international military crisis or natural disasters. In order to obtain their objectives within the Cyber Security Jobs space many governments across the globe are increasing their funding and commitment to fighting Cyber Crime.

The area of Cyber Security is a new and dynamic place to work with every day putting forward challenging and interesting hurdles for the people who work within it. If you are looking to work within this exciting industry please register your details with Cyber Security Jobsite and search for the latest cyber security vacancies and set yourself up for Job Alerts delivered to you on a daily basis.