Voxx sees iris scans putting password era to bed

Jan 07, 2014
Voxx International wants iris recognition technology to render passwords obsolete, offering a "one in two trillion" level of online security

Voxx International wants iris recognition technology to render passwords obsolete, offering a "one in two trillion" level of online security.

The US-based consumer electronics company once known as Audiovox on Monday unveiled myris, a hockey-puck size gadget that allows a gaze to be the key to unlocking a computer, teller machine, or any other device needing a password.

"Only DNA is more accurate than iris identity authentication," Voxx Electronics president Tom Malone said while introducing myris, which was made in collaboration with biometrics firm EyeLock.

"The chance of a false match is one in more than two trillion."

Myris scans eyes and converts each individual's unique identifying data into an encrypted code, according to Voxx.

The device can then be plugged into USB ports to access machines or online accounts with one's eyes.

"Photos or video recordings of faces won't work," Malone said during a press event here on the eve of the formal start of the international Consumer Electronics Show.

"This is truly the elimination of passwords."

Voxx billed myris as the first consumer-facing version of the , which had been kept out of reach by complexity and cost. While not releasing pricing, Malone said myris will be available at affordable prices through retailers.

He envisioned the technology being put to use to safeguard bank accounts, hospital records, and other valuable personal data as well as for people's devices and online services.

"Identity theft is a worldwide problem and we have a global solution," Malone said. "To say biometrics is a growth category is an understatement."

Iris authentication has been available to corporations and enterprises for years, but no platform has been simple enough for consumers to use in everyday situations, according to Voxx.

"Eyelock is the only iris authentication technology to employ fast motion video and dual eye authentication, allowing us to provide a more seamless, simple and user-friendly experience, with unparalleled levels of security," said Eyelock chief executive officer Jim Demitrieus.

"Partnering with VOXX Electronics guarantees our technology will reach the broadest possible audience and propel digital security into the next era."

Explore further: Biometrics researchers see world without passwords (Update)

add to favorites email to friend print save as pdf

Related Stories

EyeLock brings biometric security to your websites

May 13, 2011

(PhysOrg.com) -- Biometric security is always a field of interest for those people who need to keep your data secure. Currently, it is used in a wide variety of high security applications, mostly by large ...

Authentic brain waves improve driver security

Sep 05, 2013

One-time entry authentication methods, such as passwords, iris scanners and fingerprint recognition are fine for simple entry whether to a protected building or a private web page. But, a continuous biometric system is needed ...

Google vision of password rings heard at security event

Mar 13, 2013

(Phys.org) —Google finds much appeal in gaining the distinction of leading the way toward a future where USB sticks and rings can replace traditional passwords. The idea of killing off passwords has been ...

Recommended for you

Study: Samsung phone durable, but iPhone has edge

Apr 14, 2014

Samsung's new Galaxy S5 smartphone is more durable than last year's model and other leading Android phones, but the iPhone 5s outperformed all of them in part because of its smaller size, a new study finds.

Invention loves collaboration at Milan show

Apr 14, 2014

Collaboration drove invention during Milan's annual International Furniture Show and collateral design week events, yielding the promise of homes without mobile phone chargers, and with more ergonomic seating, ...

Amazon 'to release smartphone later this year'

Apr 12, 2014

Amazon is preparing to release a smartphone in the second half of 2014, thrusting itself into a market already crowded with Apple and Samsung models, The Wall Street Journal reported.

User comments : 10

Adjust slider to filter visible comments by rank

Display comments: newest first

CuriousMan
4 / 5 (5) Jan 07, 2014
And how do you ensure that the signal received by a server from a "retina scanner" is actually scanning a retina, not just re-sending a signal captured elsewhere? Would Voxx build some validation mechanism into their scanners? Which puts their servers at the center of all transactions, able to mine all that data? How very kind of them. 93 ASCII characters in an 8-character password provide 5,595,818,096,650,401 possible combinations. A retina scanner would be convenient for those who don't want to remember passwords, but not necessarily more secure.
JRi
not rated yet Jan 07, 2014
Samsung is apparently planning retina scanner for their new smart phones, perhaps for Galaxy S5:

http://www.design...ures.htm
shavera
3.5 / 5 (6) Jan 07, 2014
and what happens when the database of retina scans is hacked and retina ids (as some kind of bit stream readout from the display) are released to the wild? I think I'm more familiar with password databases being cracked these days than individual passwords being brute-forced open.

It's not like I can change my retina/iris/fingerprint. I can change my password. If we want some kind of tokenized password system, better to have some physical USB "key" (analogous to a key for my door or a key for a bank lockbox), plus some pin. Or some other 2-factor ID.
Returners
1 / 5 (2) Jan 07, 2014
Encrypt the data on your own machine using a code the "cloud" does not know with a password you know.

Send to the Cloud. Cloud encrypts again using your normal "log-in" password. This way even if someone hacked the cloud and got the "log-in" password, and decrypted on their side, they still would be unable to read the information.

Problem is, the cloud-side applications wouldn't be able to do "work" on data that was encrypted on the user side without having the second password and algorithm in their database anyway, which defeats the purpose of the idea.
Returners
1 / 5 (2) Jan 07, 2014
Zephir:

I will be reporting every post you make like this from now on for personal harassment.
antialias_physorg
5 / 5 (2) Jan 07, 2014
The chance of a false match is one in more than two trillion

Well, yeah: right up to the point when someone just puts a fake iris scanner out there (or just hacks into one to read the input from your retina)...then 3D prints out an object that will read as your eye (or just plays the image back using an appropriate screen). And as shavera points out: Once hacked your retina is useless. It's not like you can change it whenever you want.

Send to the Cloud. Cloud encrypts again using your normal "log-in" password.

Sweet lord: No. Encrypting something twice is always worse than encrypting once (because you are dropping security to the worse of the two encryption schemes)
Here I have to side with Zephir_fan: Please don't put out an opinion on something you have no clue about (encryption/data security).

Problem is, the cloud-side applications wouldn't be able to do "work" on data

Ever heard of homomorphic encryption?
Ojorf
not rated yet Jan 08, 2014
Regarding all the critical comments above, this is supposed to replace having to (remember and) type in a (secure) password. I think it should be easier and more secure.
Just think, it wont be long before someone just puts a fake keyboard out there (or just hacks into one to read the input from your typing) .
And how do you ensure that the signal received by a server from a "keyboard" is actually being typed, not just re-sending a signal captured elsewhere?
:)

Whydening Gyre
not rated yet Jan 08, 2014
Here I have to side with Zephir_fan: Please don't put out an opinion on something you have no clue about (encryption/data security).

Returners. I believe this is might be AP's actual job, so you might want to listen to him on this one. Unless, of course, God tells you not to in a vision...

Ever heard of homomorphic encryption?

No. Can you elucidate?
Bob_Wallace
not rated yet Jan 08, 2014
And how do you ensure that the signal received by a server from a "retina scanner" is actually scanning a retina, not just re-sending a signal captured elsewhere?


You do some things like hit the eye with a flash of light and observe pupil reaction. Flash a beam off the retina and check the returning wavelength.

In the case of an ATM you grab the face and do facial identity while confirming that it's a live feed as the person approaches. Then do the eye to make sure it's not the evil twin.

Bounce a light beam off the person's shoulder/whatever.

There must be multiple other pieces of data that can be used to make spoofing extremely difficult for those times when the potential loss is extreme. For the $200 max ATM theft the eye scan is likely far more than what is needed.
KBK
not rated yet Jan 12, 2014
The problem is that retinas are not fully formed when the child is born.

This means that the birth stressing and load and the initial 6+ months of life and any stress afterward, will show up as a pattern in the eye.

Like growth rings on a tree, or in the bone of a person, teeth, etc. all these different methods of checking on growth and patterns; comparatively...this sort of thing can be done with the eye.

What the end result will be, as the database builds..and techniques are considered and tested...is a database that can be mined for psychological and physiological metrics.

That the privacy of a person's internal makeup and their deepest drives, will be breached.

More news stories

Freight train industry to miss safety deadline

The U.S. freight railroad industry says only one-fifth of its track will be equipped with mandatory safety technology to prevent most collisions and derailments by the deadline set by Congress.

Microsoft CEO is driving data-culture mindset

(Phys.org) —Microsoft's future strategy: is all about leveraging data, from different sources, coming together using one cohesive Microsoft architecture. Microsoft CEO Satya Nadella on Tuesday, both in ...

IBM posts lower 1Q earnings amid hardware slump

IBM's first-quarter earnings fell and revenue came in below Wall Street's expectations amid an ongoing decline in its hardware business, one that was exasperated by weaker demand in China and emerging markets.

Down's chromosome cause genome-wide disruption

The extra copy of Chromosome 21 that causes Down's syndrome throws a spanner into the workings of all the other chromosomes as well, said a study published Wednesday that surprised its authors.

Ebola virus in Africa outbreak is a new strain

The Ebola virus that has killed scores of people in Guinea this year is a new strain—evidence that the disease did not spread there from outbreaks in some other African nations, scientists report.