Stories
Slash Boxes
Comments

SoylentNews is people

posted by Cactus on Tuesday February 18 2014, @01:18AM   Printer-friendly
from the I-want-a-whistle-in-my-cereal dept.
Gaaark writes:

Google acquires SlickLogin: dogs go wild!

SlickLogin, an Israeli start-up, is behind the technology that allows websites to verify a user's identity by using sound waves. It works by playing a uniquely generated, nearly-silent sound through your computer speakers, which is picked up by an app on your smartphone. The app analyses the sound and sends a signal back to confirm your identity.

The firm confirmed the acquisition on its website but did not provide any financial details of the deal.

Too bad they don't still put whistles inside packages of Cap'n Crunch cereal!

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 1) by regift_of_the_gods on Tuesday February 18 2014, @03:29AM

    by regift_of_the_gods (138) on Tuesday February 18 2014, @03:29AM (#1356)

    I assumed the smartphone has a chip with a private key or some other secret that can securely identify itself to service providers when placing or accepting a call. That's what I meant. I don't know the details.

  • (Score: 1) by tftp on Tuesday February 18 2014, @04:22AM

    by tftp (806) on Tuesday February 18 2014, @04:22AM (#1393) Homepage

    I assumed the smartphone has a chip with a private key or some other secret that can securely identify itself to service providers when placing or accepting a call

    A phone (smart or not) does have such an ID. However, it is not tamper-proof, and it can be simulated. Besides, this ID is only available to the cellular provider; they need it to know what phones to service and what phones to reject. If a Java application on a smartphone opens a TCP connection to a 3rd party server, there will be no such information embedded. You only get the IP address. The HTTP request may contain some headers... but they are only what YOU send; and you can send whatever you want. In other words, your phone can only authenticate to the cellular provider, but not to 3rd parties. This is good because otherwise your phone can be uniquely identified and tracked by every web site in existence.

    In order to securely authenticate on application level the phone has to have some TPM hardware [trustedcom...ggroup.org]. I do not think that today's smartphones have TPM despite the obvious interests of TPM vendors. Eventually this may happen.