This software never forgets a face
We take a “faces-on” first look at SensibleVision’s FastAccess facial-recognition technology.
If youre smart, you use a complex password for every secure website you log into. If youre human, youre sick and tired of having to remember complex passwords for every secure website you log into. SensibleVision promises a better solution in the form of software that logs you on practically the instant it recognizes your mug. Ive been using a beta version of the program on a Windows laptop, an iPad, and an Android smartphone, and have been very impressed so far.
If youve been following the epic fail of Android 4.1s Face Unlock feature, youre probably snickering. Jelly Bean had barely emerged from Googles labs when people figured out that Face Unlock could be fooled by a simple photograph of the users face. Google quickly tweaked Face Unlock so that you had to blink to prove you were human, but that didnt provide much of an obstacle, either. So what makes FastAccess any more secure than Face Unlock?
For starters, FastAccess offers the option of two-factor authentication: Choose this option and in addition to enrolling your face, youll also pre-register either a connect-the-dots gesture or a symbol (such as a snowflake, puzzle piece, butterfly, and so on); both elements will be required to log in. So even if hackers successfully trick the facial-recognition algorithm using a photo or videoa feat we werent able to accomplish with this software, by the waytheyd also need to know your secret gesture or symbol before they could pose as you. These elements pop up in random areas of the screen, to prevent finger smudges from giving them away.
Secondly, SensibleVision maintains that FastAccess doesnt simply enroll your face the first time you use it, but that it learns new elements of your features each time you use it. The software tracks approximately 400 to 1,000 points and contours of a persons face, including the eyes, nose, and mouth. Hairstyle and eye, skin, and hair color are not taken into account, since the user might change these features (and the camera could induce color shifts).
FastAccess can use facial recognition to unlock your Windows desktop or laptop computer (provided its equipped with a webcam, of course), but it cant do this on a Mac because Apple forbids third-party developers from implementing such measures; the same goes for iOS devices. SensibleVision plans to add an unlock feature to FastAccess for Android, but the company doesnt recommend locking mobile devices. And when you hear the reason why, it makes perfect sense.
A computer is accessed less frequently and is used for longer periods of time than a phone or tablet, explains SensibleVision Senior Project Manager Darin Beery. Locking a computer is entirely appropriate. A phone is accessed much more often, typically for very brief periods of timeoften measured in mere secondsand often for tasks which require no security. Forcing the user to authenticate to play a game, check the weather, or navigate their car is unnecessary and creates frustration; which typically leads to no security at all.
FastAccess can also track users while theyre using a device and quickly switch between authorized users. I established one profile for myself, and a second for my wife on the same iPad. When I handed the iPad over to her, FastAccess immediately recognized her face and prompted her to choose her security symbol. On my Windows PC, I was able to configure FastAccess to automatically lock the computer when I walked away from it, and it would recognize my face and unlock the computer in less than two seconds when I moved back in front of the computers webcam. While you might not need that level of security at home, it could be a boon to businesses with high security needs or medical practices that must comply with strict governmental privacy regulations, such as HIPPA (the Health Insurance Portability and Accountability Act of 1996).
As I mentioned earlier, FastAccess is even more useful when it comes to logging into secure websites, such as online banking, online shopping, and webmail. The first time you visit such a site after installing the software, it will ask if you want it to remember your login credentials. If you do, the next time you visit the site, FastAccess will pop up, examine your face using the devices camera, andprovided it recognizes youprompt you to enact your preset gesture or choose you preselected symbol. If both factors are recognized, it will log you into the site without your having to type in your credentials.
In my experience, this routinely happened more quickly than I could type have typed them in; more importantly, it allowed me to create extremely complex passwords that I never needed to memorize. And if you access these sites using multiple devices, FastAccess will automatically download this information to each device on which the software is installed.
In order for all this to work, youll need to set up an account on SensibleVisions servers, where all your login credentials and passwords will be stored. After the security lapses at sites such as LinkedIn, Sony, and Yahoo, we should all be wary about storing such sensitive information in the cloud. SensibleVision, with a background in enterprise data security, uses 256-bit AES keys to secure each users credentials while theyre stored and while theyre in transit.
But the company goes one step further: Rather than encrypting an entire database of user accounts using a single master key, SecureVision encrypts each individual account using a unique and independent key. If hackers ever manage to break into one users account, only that user would be affectedthe rest of the database would remain secure. This effectively removes an incentive hackers have to attack the database in the first place, says Beers. The effort required is quite high while the payoff is quite low.
The downside to using a unique encryption key for each user is that you wont be able to recover your SensibleVision account credentials from the cloud. If you forget your password, youll need to create an entirely new account. To avoid the hassle of reloading each individual login ID and passwords into your new account, the company will encourage users to create a password-protected backup, so that if you ever need to do this, you can simply upload the information all at once.
FastAccess will be compatible with the Windows versions of Chrome, Firefox, and Internet Explorer, and Safari on the Mac (Chrome support for the Mac will come later). There will also be Android and iOS apps. The Windows version will cost $19.99, but the Mac version will cost only $6.99 because it cant be used to lock the computer itself. The Android and iOS apps will costs $2.99 each. SensibleVision expects to ship all versions of the software on September 15.