The Extinction of the Key: Mobile Security Taken to the Next Level

A curious thing is taking place in the world of technology. Over the past ten years the landscape of electronics and what we believed to be possible/impossible has drastically changed. We can purchase movie tickets via our smartphones while drinking our skinny lattes at a neighboring coffee shop. We can purchase that coffee through a credit system that the barista scans via our mobile devices. That same coffee can then be entered into our calorie counters through the same device where a warning may or may not be displayed telling us that we are dangerously close to our allotted calories for the day.

Each day more and more programs are made to be used with our mobile devices that are capable of doing things our grandparents thought unimaginable. The latest innovation that is sweeping through the tech world puts a direct challenge to the world of security, however, it may not be the security you are thinking of.

Late last year, Fraunhofer Institute for Secure Information Technology (SIT) put the finishing touches on their software which has the potential to completely eradicate the physical lock and key from pockets and doors all over the world. The idea for this came through what hotels and resorts have been doing for quite some time.

The modern resort/hotel getup will almost always see that its patrons receive a small plastic key that closely resembles a debit or credit card. This key is then used for entry into the guest’s room, ensuring that they are the only ones who are allowed access. It is from this idea that SIT’s program ShareKey was born. SIT representative Alexandra Dmitrienko stated: “The solution is built around modern security technologies and can be easily integrated into existing access control systems.”

In layman’s terms, SIT has virtualised the idea of the key card and turned it into a full-functioning app that will allow users with specific access privileges to open a doorway or lock that has been synced up through the same program.

The program works through an information exchange from the programs servers that then communicates with a user’s device and subsequently, the lock in question. ShareKey also allows for users to share these virtualised passkeys with others who have the app installed on their mobile device. With proper security clearance, one user can pass along permanent or temporary access to another user. This can come in the form of number of entries or also in terms of time, say an hour or day window.

Hypothetically, I could send my front door’s unique passcode credentials to a friend who needed to drop off work material. My friend would simply need to receive my shared information which ShareKey makes sharable through text message, email or directly through the programs menus. While the app is still in its nascent years, eyebrows have already begun to be raised at the integrity of such a program. In an age where computer hackers can seize personal information in through even the smallest hiccup, safety concerns for ShareKey are called into question. In order to put these fears at rest, SIT has released several statements about the complexity and amount of time that has been spent making their security protocols for the program as state of the art as possible.

SIT also has stated that even if the parent server becomes hacked or compromised, access to these locked areas will still not be able to be achieved due to the information that is stored both in the encrypted data that is sent to the user and on the application that has been downloaded to their device.

Even still, equipping your mobile device with the latest security systems from a trusted provider is probably a good idea. A variety of companies have tailored their computer versions to perfectly fit mobile users. Trend Micro and Norton offer some of the most well reviewed services that are available at the moment.

With all the focus on the propensity for electronic misuse, it is still possible for a user’s mobile device to be stolen or taken and entry be made through a malicious user physically holding the phone. Of course, this can be said for a physical key so user accountability is still a must. Think this could be something that would work for you or your business? The necessary hardware appears to be retailing at about $200 per unit, but with electronics tendencies to fall in price the longer they are on the market, these costs could very well fall below the $100 mark in the coming years.

Charles Trentham is a diehard tech blogger who loves to write about software, technology, and future science. After retiring from a small telecom startup after the bubble burst, he's been blogging full time, including some freelance work on such topics as mobile security in order to feed his tech habits. He enjoys spending time with his family and Kelpie named Elaine.

Join the CSO newsletter!

Error: Please check your email address.

More about NortonTechnologyTrend Micro Australia

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Charles Trentham

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place