Biometrics and Bitcoin

[betafall]

We are an EDGE Innovations think tank out of Montreal for General Dynamics

We have prototyped a portable (soon to be wearable) Biometric device with the following features:

• Biometric 3 factor authentication - (Something you "have", Something you "know", Something you "are")
• Communication via USB, Bluetooth, RFI, & Wifi
• Onboard biometric database and management software
• Stand-alone unit, untethered, and contact-less
• ATMEL encrypted chip for sensitive information
• Device is powered by a 32 BIT Cortex CPU
• Biometric system is powered by Authentic chip

Our product was demonstrated as a Biometric, bluetooth login device for a Windows system last week at the Toronto Bitcoin Community Meetup.
We are reaching out to the Bitcoin community to see possible applications for our product, which direction we should go and to get some discussion going regarding Biometrics and Bitcoin hardware.

[RagnarDanneskjold]

Sounds cool. I believe I've seen 'Biometric' btc wallet apps floating around and various hardware wallet implementations. 

Are you the OEM; what is the demonstration/ intended purpose/what determined your design&component requirements? Sounds like a wireless security dongle for mobile or possibly a standalone wallet.

When you ask 'what direction we should go'. Do you mean further hardware development, or are you just looking for programing/applications/firmware for this device?

THis reminded me af a good article (a bit dated) on biometric wallets/banking here:
http://spectrum.ieee.org/biomedical/imaging/the-biometric-wallet

[BitAddict]

This is great, security is never enough in bitcoin's world.

[hazek]

Care to elaborate more on the capabilities of this device?

[freedomno1]

This sounds interesting I would also like to know more about the capabilities of this device
My first assumption would be giving it the ability to share bio-metric data using IR with a service provider if the person is incapacitated
That might be more medical than security based though unless it's along the lines of a dead man switch for someone else to access it if needed
That is related to
When you ask 'what direction we should go'. Do you mean further hardware development, or are you just looking for programing/applications/firmware for this device?

[betafall]

Sounds cool. I believe I've seen 'Biometric' btc wallet apps floating around and various hardware wallet implementations. 

Are you the OEM; what is the demonstration/ intended purpose/what determined your design&component requirements? Sounds like a wireless security dongle for mobile or possibly a standalone wallet.

When you ask 'what direction we should go'. Do you mean further hardware development, or are you just looking for programing/applications/firmware for this device?

THis reminded me af a good article (a bit dated) on biometric wallets/banking here:
http://spectrum.ieee.org/biomedical/imaging/the-biometric-wallet

We are looking for suggestions for further hardware development as well as programming/apps/firmware etc that might be Bitcoin related..

[betafall]

Care to elaborate more on the capabilities of this device?

Basically it is a device that "does something", whether it be log you into a PC, or it could eventually be adapted to become a portable hard drive, or a piece of Bitcoin hardware. The specs of what we have are listed above so what are now looking for suggestions from the Bitcoin community as to which direction we should go with further developing hardware / software etc.

Our initial research and motivation came about to solve security issues in the "bring your own device" jungle. Particularly prominent in the banking/legal/ and other industry with sensitive data.

[Bitcoinorama]

Would this have a Linux distro. pre-configured to avoid eavesdropping?

[Mylon]

We are an EDGE Innovations think tank out of Montreal for General Dynamics

We have prototyped a portable (soon to be wearable) Biometric device with the following features:

• Biometric 3 factor authentication - (Something you "have", Something you "know", Something you "are")
• Communication via USB, Bluetooth, RFI, & Wifi
• Onboard biometric database and management software
• Stand-alone unit, untethered, and contact-less
• ATMEL encrypted chip for sensitive information
• Device is powered by a 32 BIT Cortex CPU
• Biometric system is powered by Authentic chip

Our product was demonstrated as a Biometric, bluetooth login device for a Windows system last week at the Toronto Bitcoin Community Meetup.
We are reaching out to the Bitcoin community to see possible applications for our product, which direction we should go and to get some discussion going regarding Biometrics and Bitcoin hardware.

While being very interested in this, I ofc have my concerns.

I would love to use this thing as an hardware wallet, however in order to do safely, I would pull out this:

• Communication via USB, Bluetooth, RFI, & Wifi

Wifi & Bluetooth are flawed in design, not thinking about security, and way to easy to be attacked by a middleman. RFI I don't have enough experience with, however unless using the latest version of it, I believe its been hacked already too.

Then we would only have USB left, which is imo not an ideal way to pay in a shop.

What we need is a Wireless technology, that is designed to be secure. (like https, ssh, etc etc)


Lastly, while I like 3 factor auth, I'm not really sure how "something you have (like an ID card)" could benefit here, as having the id card in my left pocket, and the device in my right pocket, kinda defeats the purpose of something you have. (imo, something you have security, only works when your not constantly near the thing/location that it needs) (feel free to prove me wrong here)

As to spark an idea in you guys, a combination / randomization of the "Something you are" would be something I really love to see. (asking for either left or right eye for retinal scan, and asking for a specific finger for fingerprint) (just in case someone tries to copy one, now they would need all, a lot harder to get)

And in case you missed it, this stuff is great for hardware wallets.

[freedomno1]

We are an EDGE Innovations think tank out of Montreal for General Dynamics

We have prototyped a portable (soon to be wearable) Biometric device with the following features:

• Biometric 3 factor authentication - (Something you "have", Something you "know", Something you "are")
• Communication via USB, Bluetooth, RFI, & Wifi
• Onboard biometric database and management software
• Stand-alone unit, untethered, and contact-less
• ATMEL encrypted chip for sensitive information
• Device is powered by a 32 BIT Cortex CPU
• Biometric system is powered by Authentic chip

Our product was demonstrated as a Biometric, bluetooth login device for a Windows system last week at the Toronto Bitcoin Community Meetup.
We are reaching out to the Bitcoin community to see possible applications for our product, which direction we should go and to get some discussion going regarding Biometrics and Bitcoin hardware.

While being very interested in this, I ofc have my concerns.

I would love to use this thing as an hardware wallet, however in order to do safely, I would pull out this:

• Communication via USB, Bluetooth, RFI, & Wifi

Wifi & Bluetooth are flawed in design, not thinking about security, and way to easy to be attacked by a middleman. RFI I don't have enough experience with, however unless using the latest version of it, I believe its been hacked already too.

Then we would only have USB left, which is imo not an ideal way to pay in a shop.

What we need is a Wireless technology, that is designed to be secure. (like https, ssh, etc etc)


Lastly, while I like 3 factor auth, I'm not really sure how "something you have (like an ID card)" could benefit here, as having the id card in my left pocket, and the device in my right pocket, kinda defeats the purpose of something you have. (imo, something you have security, only works when your not constantly near the thing/location that it needs) (feel free to prove me wrong here)

As to spark an idea in you guys, a combination / randomization of the "Something you are" would be something I really love to see. (asking for either left or right eye for retinal scan, and asking for a specific finger for fingerprint) (just in case someone tries to copy one, now they would need all, a lot harder to get)

And in case you missed it, this stuff is great for hardware wallets.

Well that's why I mentioned IR
http://en.wikipedia.org/wiki/Infrared_Data_Association
For a device focusing on security line of sight probably works best

[betafall]

We are an EDGE Innovations think tank out of Montreal for General Dynamics

We have prototyped a portable (soon to be wearable) Biometric device with the following features:

• Biometric 3 factor authentication - (Something you "have", Something you "know", Something you "are")
• Communication via USB, Bluetooth, RFI, & Wifi
• Onboard biometric database and management software
• Stand-alone unit, untethered, and contact-less
• ATMEL encrypted chip for sensitive information
• Device is powered by a 32 BIT Cortex CPU
• Biometric system is powered by Authentic chip

Our product was demonstrated as a Biometric, bluetooth login device for a Windows system last week at the Toronto Bitcoin Community Meetup.
We are reaching out to the Bitcoin community to see possible applications for our product, which direction we should go and to get some discussion going regarding Biometrics and Bitcoin hardware.

While being very interested in this, I ofc have my concerns.

I would love to use this thing as an hardware wallet, however in order to do safely, I would pull out this:

• Communication via USB, Bluetooth, RFI, & Wifi

Wifi & Bluetooth are flawed in design, not thinking about security, and way to easy to be attacked by a middleman. RFI I don't have enough experience with, however unless using the latest version of it, I believe its been hacked already too.

Then we would only have USB left, which is imo not an ideal way to pay in a shop.

What we need is a Wireless technology, that is designed to be secure. (like https, ssh, etc etc)


Lastly, while I like 3 factor auth, I'm not really sure how "something you have (like an ID card)" could benefit here, as having the id card in my left pocket, and the device in my right pocket, kinda defeats the purpose of something you have. (imo, something you have security, only works when your not constantly near the thing/location that it needs) (feel free to prove me wrong here)

As to spark an idea in you guys, a combination / randomization of the "Something you are" would be something I really love to see. (asking for either left or right eye for retinal scan, and asking for a specific finger for fingerprint) (just in case someone tries to copy one, now they would need all, a lot harder to get)

And in case you missed it, this stuff is great for hardware wallets.

Agreed that Bluetooth and Wifi are not designed for security.  However the responsibility of security utilizing communication protocols is up to the host and client systems.  We cannot and will NOT rely on communication protocols to provide adequate and provable security. There are numerous very good open source solutions to enable robust security on top of these communication stacks. As such the movement of information to and from our device is well protected and offers assurances as to its resilience and capabilities. In other words you have the controls that will give you peace of mind.