Solutions to the age-old authentication process (read; passwords) are flying fast and furious.
Web sites are making available mouse tracking, keystroke patterns, gestures and your own heartbeat to serve as identifiers. There are devices you can carry in your pocket, wear on your wrist, your ankle or draped around your shoulders., with the promise of improved security. There are biometrics including voice, fingerprints, and facial recognition. There is geo-location based on smartphone mapping. There is talk of
Wearable technology is staring you in the glassy-eyed face, literally, whether you like it or not.
In combination, these authentication tools become even more powerful, if not a bit more cumbersome to execute.
And therein lies the rub. With all the talk about upgrading from passwords, can these authentication tools become too powerful? Who's at the controls when authentication signals are read? How are you linked to your identity and in what ways can you be tracked, targeted and impersonated?
Where is the line if wonderful theories are to become useful technologies?
Last week, Motorola talked at the D11 conference about its cutting-edge authentication research. Temporary tattoos - high-tech patches already used in the medical field, that might support authentication. Also, the Google-owned company went all "outside-in" with its peek at the future of identity.
A pill, ingested once a day, that turns the user into their own authentication device, activating laptops, devices, and perhaps even the coffee pot, whenever and wherever they might go. You are your own UI.
No doubt the current state of the password could use something to cure its ills.
Regina Dugan, a senior VP at Motorola who showed off the future at D11 (video here), called the pill "your first super-power." The question is "yours" and "who else."
And while using the pill as an authentication device is merely a project to marvel at now, application of the technology and issues like privacy will determine if it ever sees the pit of your stomach.
Can the pill's authentication be turned on and off? How do I prevent every reader from picking up my signal, an issue the government faced when it mandated RFID-chips for passports. The first solutions were to wrap the identity documents in a metal case. Talk about your tin-foil hats.
If the user is authenticating just by moving around, how does the user prevent being tracked as they are recognized by various sensors or log into various applications?
And foremost, how are these devices linked to the user. Are they doled out like contact lenses with your prescription (re: identity) printed on the side.
And what if these pills are lost or stolen. What is the revocation process, or the re-activation process, especially when the user discovers that their pills just fell down behind that old pile of floppy disks.
And what are the long-term health risks? In the 50s, fewer than 50% of people thought smoking caused lung cancer. In the 90s, people wondered if cell phones were giving them brain cancer. Are they? The arrival of digital phones has taken some of the steam from that debate.
Better and easier authentication is quickly becoming a mandate, but can it go too far? And if so, what are the ramifications? For one, passing a token and token retrieval could take on a whole new meaning.