In the continuing struggle to secure users online, passwords are on the front line of the battle. At the 2105 Consumer Electronics Show in Las Vegas this week, Intel Security (formerly known as McAfee) is now previewing its True Key platform as a solution for the password security challenge.
The promise of True Key is that it will enable consumers to securely log on to multiple Websites and online services. Rather than just using a simple password that the user inputs for each specific Website, True Key uses a unique customer attribute to authenticate access. That unique attribute could include what Intel Security refers to as “facial math,” which, for example, could determine the distance between the user’s eyes and nose.
“The True Key application removes the hassle of remembering multiple passwords and instantly logs you in to your apps, sites and devices using factors that are unique to you, like your facial features and the devices you own,” Mark Hocking, vice president and general manager of Safe Identity at Intel Security, explained to eWEEK. “The more factors you use, the stronger your True Key profile becomes, making it even easier to know it’s really you.”
Intel Security believes that the password problem is a nearly universal pain point for computing users around the globe, according to Hocking. Consumer adoption of multifactor authentication is the next step in password security, he added.
The password problem is one that other vendors have attempted to solve, and so there are a number of strong authentication mechanisms in the market today. Among them is the multivendor FIDO (Fast Identity Online) Alliance, which finalized its 1.0 specification on Dec. 9. One of the FIDO Alliance standard specifications is the Universal Authentication Framework (UAF), which aims to enable stronger authentication through the use of biometrics and other unique user attributes for secure access.
Intel Security’s True Key does not leverage the FIDO Alliance specifications for at least one simple reason.
“True Key was in development before the FIDO spec was in place,” Hocking said. “We have been watching the progress that they have been making and will explore how we can leverage the great work that they have been putting forth in the future.”
In the FIDO Alliance set of specifications, there is also the Universal Second Factor (U2F) specification, which can leverage a secure hardware element to enable access. Google announced on Oct. 21 that it was supporting U2F and the use of a physical USB security key device.
In contrast, the Intel Security True Key does not use a hardware key.
“True Key is an application that users can download on www.truekey.com,” Hocking said. “For now, consumers can join the waitlist or wait until the product is available later in the year.”
The initial release of True Key will support Windows, Mac, Android and iOS devices, and Intel Security has partnerships to integrate the technology with Lenovo and Hewlett-Packard devices.
Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.