Security and Privacy Vision
You’ve probably noticed that your smartphone is getting really smart. How? Thank the ever-more powerful processors and sensors packed into it, and the plethora of apps you’ve downloaded.
Soon enough, your smartphone will become even more intuitive. Cognitive technologies—such as machine learning, computer vision and always-on sensing—will enhance your device’s ability to understand and anticipate your needs, be aware of your preferences and surroundings, and provide you with relevant and timely information.
But, have you ever asked yourself what would happen if all this personal information that your smartphone “knows” about you winds up in the wrong hands or is shared inappropriately? The good news is that we can use the very same technologies—the ones that made our connected devices so smart—to address our security and privacy concerns.
Our vision for security and privacy
We envision more robust and convenient security solutions that seamlessly authenticate users, preemptively protect their devices from malicious attacks, and enhance their privacy. The foundation of our vision is composed of three technology pillars: cognitive technologies, on-device processing, and hardware-based security.
In this first blog post of two, I will focus on the first key aspect of this vision “seamless authentication”—and how it will be enabled through the three technology pillars. In a second upcoming post, I will discuss the other two important aspects of the vision: preemptive protection and enhanced privacy.
Today’s passwords provide some security, but they can be inconvenient. I think we can all agree that it's a pain to keep track of all of our different passwords needed to access each of our services and how entering these passwords can be interruptive and time consuming. For this reason, people may opt to use a very simple PIN to access their devices or even leave them unlocked. However, as we increasingly use our devices to store our personal information and perform critical transactions, we will need to find new ways to secure them. Most importantly, new ways that users will find convenient enough to use.
Qualcomm is working toward a future in which all of us will be continuously and seamlessly authenticated to our mobile devices with greater convenience. Pretty soon our devices will learn to understand our individual habits and routines, and use that information to authenticate us based simply on who we are, what we do, and by the other devices we have. For instance, each one of us has a unique set of identifying characteristics; our fingerprints, voiceprints, faces, irises, and even the unique rhythms of our heartbeats can be used for authentication. Our devices will also soon be able to recognize us through our unique behaviors and routines. For example, our mobile devices will get clues about our identity based on the places that we tend to go at specific times, or the particular ways that we walk and use the device. Finally, our smartphones will remember the other devices we use regularly like wearables, tablets, or PCs. So if you’re wearing a smartwatch that has already authenticated you, your smartphone in the same vicinity will get a clue that it’s probably you and authenticate you as well.
To provide a user-friendly experience, mobile devices will automatically choose appropriate authentication factors based on context and availability. That way, multi-factor authentication can happen continuously and conveniently in the background. If you’re typing on your phone, your fingerprint will be detected; if you’re looking at your screen, your iris will be scanned. Your unique voice signature will be captured when you’re talking, and your device will recognize your gait and heartbeat when you’re walking. Most importantly, your device will use this data to learn. So that if it ever does fall into the wrong hands, it will be aware that they aren’t yours.
So, now let’s take a quick look at the underpinnings of our vision and how the three technology pillars will help enable seamless authentication.
The three technology pillars
Cognitive technologies will help in enabling seamless authentication. For multi-factor authentication, a device can use machine learning to record and recognize your unique voiceprint, computer vision can identify you through an IRIS scan or facial recognition, and motion classification algorithms can learn how you walk based on captured data from the always-on motion sensors. Whichever authentication method is used will be automatically chosen based on context and availability.
On-device processing provides many benefits. Today, users may need to share their personal data in order to enjoy cloud-based personalized services. On-device processing allows users to control their own data, while enjoying a broad range of personalized services. Your sensitive information and credential data, such as biometric data, doesn’t need to leave your device.
Hardware-based security is much more resilient than pure software solutions. For example, your authentication credentials, such as fingerprint templates, will be encrypted and stored in a safe place with a hardware key residing on the chip, so hackers can’t get access to them.
To learn more about our security vision, you can visit the Qualcomm Security and Privacy website.
Check out this video to see Asaf Ashkenazi of Qualcomm Technologies discussing our vision for seamless authentication at the Cyber Research Center at Tel Aviv University.
Watch for my next post, which will detail the other two aspects of our vision namely preemptive protection and enhanced privacy.