I’ve been studying for CompTIA sec+ for a month or two, I’ve been reviewing the proper PDF study guide, along with Professor Messer’s videos on Youtube.
I finished the last half of 2.3 Secure Application and Development, and 2.4 Authentication and Authorization. Upon reading and watching some thing interesting caught my attention.
GAIT AUTHORIZATION. This is a method to verify a user based on something you exhibit. I found this study (archive) in which they admit it was a small sample size, but the authentication method had a 90% success rate.
This type of authentication works by using the sensors in the phone to collect data as you walk. Also mentioned is the ability to use the motion as one factor in a multifactor authentication, this would make the device more secure. You walking with the phone in your pocket, your raising the phone to your face, and your face would all be factors in the authentication process. In this blog post (archive) Brendon Wilson states “Apple has stated Face ID has a FAR of 1 / 1,000,000”. YOU CAN NEVER BE TOO SAFE. I curious if this method as been considered, or maybe the False Rejection Rate after this change would be too high. For the time all I can do is speculate. Ok I’m rambling bye.
Leave a Reply