BlackBerry joins Fido Alliance to support passwordless authentication

By Simon Sage on 5 Sep 2013 08:07 am EDT
-
loading...
-
loading...
-
loading...

BlackBerry announced their membership into a new association today called the Fido Alliance. These guys are pushing a two-factor authentication standard in order to reduce our reliance on passwords. These systems range from biometrics (like fingerprint scanning), location awareness, NFC tokens, one-time passwords and, most importantly, embedded hardware. Though BBM, Protect, and BlackBerry World are mentioned in the press release, the end user experience for BBID isn't going to change any in the immediate future, but it's easy to imagine this technology enabling BlackBerry devices to become security tokens in their own right for two-factor authentication.

For example, you could set your PayPal account so that it could only authenticate transfers made from your BlackBerry since it has a unique and certified identity. Alternatively, you could set it so that with an additional PIN number punched in on the device, you could open doors with electronic locks, or start your car. 

Security is BlackBerry's wheelhouse, so the partnership isn't entirely out of left field, but Fido is a relatively new organization formed just last summer and officially launched this February. As you can imagine, it doesn't seem like there's a whole lot of interoperability right now, but BlackBerry is the 40th. member in the alliance and will take a seat as a board member. They're joining PayPal, Lenovo, Google and NXP, just to name a few of the folks in the working groups.

It seems like the Fido Alliance will bear some productive fruit down the road, in any case - does anyone want to take a guess as to how they'll all work together? What kind of authentication mechanisms would you like to see integrated on BlackBerry?

52 comments

sling

Interesting read, thanks!

Posted via CB10

jrohland

I've been pretty annoyed that BBID does not offer 2-part authentication. I'm using that for every account I have where it's offered. Although PayPal currently does it in a stupid way.

nosmartphoneyet

Sounds cool but, will BlackBerry still be here. As much as I'm pro BlackBerry, love my z10, I'm starting to wonder what is going to happen.

Posted via CB10

BerryWizard

Geez this is getting annoying. can we please wait and see what happen? We have barked this company prematurely too many times before and THEY ARE STILL THERE! So just relax and see what happen. Anyway you, as user will not see any difference in the soon no matter what happen to the company.

Posted via CB10

BerryWizard

We have buried *

Posted via CB10

flexja

+1

Posted by z10 boss

Mskadu

He's just voicing what we're all thinking. I agree it's still there. But the thought won't go away :(

El Bori

True very true. We need to be more tolerant to other opinions. chill out...

RP Singh

We are not all thinking that, we are all thinking why some people are actually thinking that.

Sent from my iPuh-lease-as-IF

crackbb10

Comment of the day...

From the Z...

Playbook007

Funny how everyone says BlackBerry is dead, yet they sign up for this alliance. How does that even make sense. Panasonic and Garmin just inked deals with QNX which in turn is owned by BlackBerry. Just doesn't make sense that these huge companies would make deals with a dead entity. I think it's the medias last attempt to crush BlackBerry prior to BlackBerry announcing something big and positive.

BlackBerry will survive in the Corporate and Government Sectors! My Z10 is so much better than an iphone!

El Bori

;) ;) so so true. waiting on my Q10 and i still use my PB...

jrohland

Since BB hardware has a CPU based key, I'd like to see certificate based authentication where the certs are encrypted by a key kept in a vault which is then encrypted by the hardware key on my phone. The reason to do it that way is so you can, if you choose, keep the Fido authentication certificates decryption key on an offline, encrypted thumb drive. This would allow you to unlock those accounts in the case of a lost or damaged phone.

Right now I use Authomator (https://appworld.blackberry.com/webstore/content/22517879) on my Z10 to generate the codes for the 2-part authentication. This is not a bad way but it could be more convenient without compromising security.

yruz2bu

Since I'm new to what differs the hardware identity in BB10 devices compared to iOS or Android based ones...

Is the "CPU based key" mentioned an identifier for the device or a security key that can be used for signing and/or encryption and in any case is it unique to BB hardware or are there other devices with the same capabilities?

Thanks in advance :0)

/Jorgen

ricocan

Interesting news and a needed focus to protect consumers from each other.

Will they have a section that will focus on protecting the consumer from corporations who spy and disrespect the right to privacy?

My personal information, habits and behavior are private but not fully protected. I still want full control of my right to privacy .

Ricocan

jrohland

As long as we continue to use cloud based email and other communication services (Gmail and Outlook.com for example), we have no expectation of privacy. Those companies offer these services to us for free in exchange for information about our habits, activities, contacts, etc..

I am pretty sure BB10 using SSL to a mail server I run (where I compile the OS and mail server code myself) would be pretty safe. Although I am concerned about what reporting code AMD and Intel may have in their chipsets. That is, it may not be possible to purchase a trusted hardware platform.

Of course even if you could keep information between your own systems protected, as soon as you send content to someone else, it should be considered public knowledge.

j21jam6

Great to see that BlackBerry is operating with an eye on the future.

Go BlackBerry!

Posted one-handed via BlackBerry Z10

LordDraco

Spielberg's Minority report type of authentication in the making.

Posted via CB10

Plazmic Flame

I really need to watch Minority Report again.

nt300

I will say this once again, BlackBerry is here and kicking.
BBRY all the way hands down and this news proves BlackBerry means business.

Warren1969

Can someone please tell me how to side load Instagram onto my BBz10? Thanks!

Posted via CB10

Its Spade

Check the forums... alot of threads explain it..

Member of Squircle of Trust!

wout000

While this is grossly of topic, Crackberry members do help each other...
go to: http://forums.crackberry.com/android-app-sideloading-f279/new-bb10-sidel...
Download the tool, search for instagram and install it.
Or as Spade said, go nuts here => http://forums.crackberry.com/android-app-sideloading-f279/

jrohland

BlackBerry's future is most defiantly uncertain. However, like any company, they will continue business as usual until told to stop.

MrJohnyBoy

With their new devices and so many things coming down the pipe line I still don't understand stand why they would even consider selling. Is it just corporate greed? Live for the moment, get the company on their feet then kick the chair out from under, make as much money as possible then leave? I wish Mike Lazaridis and Jim Balsillie was back in the drivers seat. I don't trust Thorsten Heins anymore.

Posted via CB10

mavsguy842

BlackBerry seems to be advancing faster than I can ever remember; with frequent OS rollouts with substantial improvements, changes to BB World, BBM Channels, cross-platform BBM, the upcoming Z30, joining the Qi standard and now the Fido Alliance. Then you have talk of them pushing to wrap up a sale by November. Either they're full-steam ahead to build momentum for a sale and increase the share price, they already know who they'll be creating a strategic partnership with and are looking to make it as enticing as possible, or they already know for sure someone will take them private, and that someone wants to continue down the path that Thorsten laid out a couple of months ago. It will be VERY interesting to see what happens in the next few months. Regardless, the product is better than it's ever been, and improving faster than I can ever remember.

1roguecanuck

I agree that they are moving at a good pace. I hope they can maintain this pace indefinitely.

I believe that they will be taken private and that is why we seem so many improvements moving forward. If they were really in that bad of shape people wouldn't be signing on for partnerships with them at the rapid pace we have seen.

Posted via CB10

Kriilin Namek

I agree, that's why the speculation on the business end is so jarring, they're not acting like a company boarding up the windows, quite the opposite actually.

Playbook007

Thanks Mav! We have to put the pieces together for Kevin, Blaze and company for they have lost hope. I am sorry, I just see great positives with BB10. I can see how the constant trolling, and financially backed media bashing has taken its toll.. but slowly this BB10 platform is getting in the hands of the consumer 1 by 1 and it is slick. Time will win hearts.

BlackBerry will survive in the Corporate and Government Sectors! My Z10 is so much better than an iphone!

jekylljones

BB really need to get the NFC permissions opened as I'm unable to use my Yubikey neo with the Lastpass app.

DayGloZ10

Biometrics should hold hold everything, and should be transferable to new devices. Once the biometric readings are transferred, the phone becomes the customers and return policies are a thing of the past.....fircing customers to find out how to use their device, mwahahahaha

Posted via CB10

BB-Marcus

Business as usual. That's great news and worth sharing, just goes to show the towel has not been thrown in yet. Keep moving BlackBerry. It's the secure element of BlackBerry that has always made me stick with them, sadly there is a very large section that don't seem to give a damn or at least happy to stick heads in the sand. I've often wondered if BlackBerry marketing should make more of this side of things and not just for businesses.

Posted from my Z10 with CB10

jimpilot

I am optimistic that because the OS is so superior someone will back/partner with BB and they will survive and then prosper. If the general public and then developers can just find this OS it will take off

jimpilot

And then the squircle will live forever

Anonymous2039

What is a squircle? A square circle, as is staed on Wikipedia?

--Q10 and Canadian all the way!

Playbook007

For the average consumer security does not rank as an issue. Security only becomes a concern to them when it's too late! What can you do!?

BlackBerry will survive in the Corporate and Government Sectors! My Z10 is so much better than an iphone!

BB-Marcus

Yes agree, this is why its worth trying to make them aware but instead of just scare tactics with all doom and gloom, throw the user a rope in the guise of BlackBerry :)
My experience with end users has always been to go for the subtle approach, "Oh you don't use a password, I guess that's fine if you don't use it for facebook, twitter, taking personal photo's etc..." most times this tends to work, although interestingly I have found its the BlackBerry users that more often than not have a password set.

fermanagh

Folks, BlackBerry isn't going anywhere anytime soon! I work for a Fortune 500 and we're currently running a BlackBerry 10 POC. Everyone is impressed, even the top dogs...if they do get sold, their MDM and NOC solution will survive, too many corporations rely on tight security. Name me one MDM solution that can give BlackBerry a run for its money ??? No one wants to deploy Android due to security concerns and the iPhone is too expensive, their OS is also stale...Apple is not as popular as it once was...i would wait for full disclosure of BlackBerry's plans before jumping the gun and asking the 'what ifs'!

Posted via CB10

BbRitch212

BlackBerry 10 sales have been disappointing but they shouldn't rush a sell. See how cross bbm does, see how the Z30 does, do better advertisement and there's actual rumour about instagram coming to 10.2

Posted via CB10

mICRoMaTe

The smart ones will start selling their BlackBerry phones when its still valuable.

Posted via CB10

Anonymous2039

Or just use them until they die, because that's probably what they'd do otherwise!

--Q10 and Canadian all the way!

emstardeluxe

Why on earth would I trade the paltry sum a well-used Z10 would command in exchange for not getting to use it anymore?

Posted via CB10

R Field

Hmm interesting I think this was the workplace endpoint solutions Thorstein was talking about about how the BlackBerry 10 devices would be used to replace work key fobs.

CB10- BlackBerry Z10 - 10.2.0.1047

currentodysseys

A wifi and luetooth enabled authentication by proximity to my laptop unlocking it when I leave the phone at 0,5meters distance and locking it if out of reach would be great!

Aprt from that the logic for office doors ans login in the building would be great!

Another great possibility would be in order to use oracle systems and sap, replacing certificates by using the unique BlackBerry id of my device and making this transferable to my laptop or terminal through phone log in as described in the beggining would make it possible to access applications on server either from the phone or from my laptop without setup of certificates on each device.

This way the it admin can just set up by BlackBerry id and this would be the key for seamless integration of security authentication for everything without hassles. In case the phone gets misplaced the I'd is blocked by the admin and all is good!!

I can keep on and on with this, from car key replacement to atm use and more... the possibilities seem endless... great stuff!

Although BlackBerry is getting sold, this is maybe an indication of what the future "BlackBerry" is all about and a "mobile computing" materialization example to me...! nice one!

"Hey that is my Q... 10... via CB10

StoicEngineer

For anyone who was as confused as I:

"The FIDO (Fast IDentity Online) Alliance, an industry consortium revolutionizing online authentication with the first standards-based specifications, today announced that BlackBerry® (BBRY)(BB.TO) has joined the Alliance and been appointed to the Board of Directors."

That is, FIDO has no relation to Fido the Canadian carrier.

To answer the question, NFC apps for point of sale use makes sense to me. It is one step closer to a BlackBerry wallet.

It also plays to BlackBerry 's strengths. The important thing will be the back-end (bank/money transfer) security. If someone can get into the system by stealing one's phone identity the result would be disastrous.

Posted via CB10

3_M4N

I'd really like to see phones be used in payment systems in this manner soon. It would be so convenient. Also, as that system of payment becomes more prevalent, it would really give BlackBerry a chance to shine as an unmatched secure mobile payment device.

Posted while peeking and flowing on my incredible BBQ10!

Toshido

A colleague had a Leno laptop that would do facial recognition. Do that from the z10 and couple that with the NFC to replace keys (house, car, work, etc). Add an NFC receiver to your laptop you can lay you phone on to enter your passwords, or plug in using the use port.

That is what I would like to see.

Posted via CB10

DuexNoir

If BlackBerry is planning on selling their company (just read Kevin's previous post) , why would they start taking initiatives like this now?

Posted via CB10 on my Z10