Evolution of LaunchKey Mobile

Mar 3, 2016 By Armando


Authorizations view with Mobile v1 Authorizations view with Mobile v2

LaunchKey has always been keenly focused on security. This is especially true for our mobile applications. LaunchKey's mobile apps are the gateway to authenticating users and authorizing access to applications and services. After years of hardening our mobile applications, they were due for a UI refresh. This was the driving force behind launching LaunchKey Mobile v2 on Android and iOS platforms [1].

Since LaunchKey's inception, we've striven to make our solutions as feature-rich and intuitive as possible. LaunchKey Mobile has matured over the years to incorporate more authentication factors, support for OTP tokens, additional device linking methods, security policies, and others while maintaining our steadfast dedication to security and privacy.

In 2015, LaunchKey focused on making the mobile platform platform more extensible via our white label product offering. LaunchKey White Label allows mobile application developers to embed LaunchKey multi-factor authentication (MFA) technology within their own mobile application. The utilization of a simple mobile SDK allows mobile application developers to provide their existing users with the highest level of MFA without the need to become experts in security and cryptography.

The latest iteration, LaunchKey Mobile v2, is a huge step forward towards making MFA available to the masses. A modern and easily understandable interface is crucial to helping users abandon the familiar yet archaic model of protecting their personal and financial information with the use of centralized password. Application interfaces are key drivers to technology adoption. This proved true the LaunchKey mobile application as well.

The initial user interface had some key issues:

  • Confusing user experience
  • Outdated interface
  • Unresponsive user interaction

In order to tackle those issues with both the user interface (UI) and user experience (UX), we chose Material Design [2] as the design guideline. Material Design would be used in conjunction with design best practices for each platform to make the application feel natural and familiar to users of each platform while having a common user experience across each platform.

The Solution

Authorizations view Tokens view

We trimmed the feature-set to the core functionality of our LaunchKey authenticator. We built the UI from the ground up to make a clear path on it’s proper usage and to focus on what was important no matter where the user was within the application.

We simplified the access to the primary functions available and added a more centralized navigation menu. And most importantly, we offer the user access to several help resources within the app: Frequently Asked Questions, links to guides, a link to our support website, and an interactive tutorial.

Updating the User Interface

Navigation menu

We made use of available Material Design libraries to achieve the design that we wanted. On iOS, this meant completely changing the layout of how the views were stacked to add the very useful navigation menu. While challenging, this design added an extra layer of protection to the app because external users cannot bypass any views that are essential for authorization requests, such as a view requiring a user to enter a security factor (PIN Code, Circle Code, etc.)

With this design change, we made sure that the app still maintains visual actions that are native to iOS users.

Simplifying the User Experience

PIN setup view Circle Code setup view

An example of a feature we implemented in LaunchKey V1 that was very confusing to our users was the “Lock Launch Pad” function. When turned on, it would block all incoming authorization requests. The navigation bar would turn red to indicate that this functionality was enabled but because users would not see their incoming authorization requests. This functionality confused users who believed that their app was not working properly. Because of this confusion, this feature was removed. The amount of confusion created by this feature far outweighed the protection offered. In this instance, less was definitely more.

We also changed a few of the guidelines when setting up security factors to increase security and make the process easier for our users. For example, while users can still set up 4-digit PIN codes, we have increased the maximum length of digits allowed when setting it up as a security factor. The Circle Code now utilizes haptic feedback on supported devices. The haptic feedback will generate a tiny vibration when hitting the hashes to inform the user a hash has been passed over. Users can also start from anywhere in the circle path for the Circle Code. The circle path itself was also stretched to the edges of the screen. It will maintain the dragging event when pressing the screen until lifted, which again, should improve the UX when interacting with the widget.

Educating the Users

Example request

The LaunchKey mobile application already had a tutorial. Unfortunately, some users were still having difficulty understanding the process of accepting or declining authentication and authorization requests.

To combat this issue, the tutorial was enhanced to include user interaction as a way of guiding the users through the process of accepting an authentication request. The new tutorial makes sure the users understand how to use the primary interface of the product before they can link it to their account.


LaunchKey is PHP 7 Ready

Nov 17, 2015 By Adam

With the recent releases of its WordPress Plugin, Native SDK for PHP, and OAuth SDK for PHP, LaunchKey is now fully PHP7 ready. LaunchKey wanted to ensure that PHP developers whom rely on LaunchKey immediately implement PHP 7. PHP 7 was built with performance in mind. PHP 7 performance has been shown to rival the performance of HHVM which is also fully supported by all LaunchKey PHP libraries. For a list of all versions of PHP supported by the LaunchKey PHP libraries, please visit the Teavis CI page for that library:

Continue Reading

LaunchKey to Host Mobile Authentication Design Challenge

Nov 4, 2015 By Press Release

LaunchKey, the leading mobile authentication platform, is hosting a design contest aimed at challenging local engineers to come up with innovative transactions-based apps using its password-free, decentralized mobile authentication and authorization platform. The event will be held on November 7, 2015, from 10 a.m. to 5 p.m. (PT) at LaunchKey's corporate headquarters in Las Vegas.

"LaunchKey got its start at a hackathon event, similar to this, winning first prize at Las Vegas Startup Weekend in 2012," said LaunchKey CEO Geoff Sanders. "We are really thrilled to be able to give back to the local engineering community by hosting this spirited competition, and more importantly, to see all of the creative and innovative ideas that come out of it."

Competitors at the LaunchKey event can compete individually or as a team. All entrants must build their solution using one of Launchkey's SDKs for Android, C#/.NET, iOS, Java, Node.js, PHP, Python, Ruby, or Windows Phone or by directly utilizing the LaunchKey API. A $100 cash prize will be awarded to the best implementations in both authentication and authorization as voted by LaunchKey judges. In addition, the event's participants will vote to select the winner of ...

Continue Reading

Tagged: Hackauthon

LaunchKey's Brand New Java SDK

Sep 14, 2015 By Adam

The LaunchKey Client SDK for Java is one of LaunchKey’s original SDK clients. We are happy to announce that it recently received a full rewrite. The new LaunchKey SDK for Java was built from the ground up to provide as much flexibility as possible for high transaction implementations. At the the same time, simple factories were added that provide developers with the ability to quickly secure their Java based applications without having to get into the internal workings of the client.

This new major version of the LaunchKey SDK for Java will also be our first Long Term Support (LTS) version of the SDK. Long Term Support ensures that developers implementing this version of the SDK will be able to receive security patches and bug fixes long into the future.

The LaunchKey SDK for Java provides a simple interface for interacting with LaunchKey’s multi-factor authorization and authentication platform. The SDK provides both ease of use and extensibility to support the needs of novice to expert Java developers looking to secure their applications with a multi-factor passwordless solution.

For more information regarding the LaunchKey Java, please visit the documentation page.

Continue Reading

Tagged: SDK API

Password Survey - 84% Want Alternatives!

Aug 31, 2015 By Devin

We recently performed a survey asking respondents about passwords and attitudes towards alternatives. There we some surprising results, including the fact that more than 60% believe they have never been the victim of breach and 84% are ready for alternatives. Below you will find a sample of these findings. If you have any questions or comments regarding these results please contact us.

How many passwords would you guess that you currently have?

How do you remember your passwords?

Do you use the same passwords for multiple accounts?

Have you ever been the victim of a data breach or theft where your personal information (e.g., address, phone number, social security number, driver's license number, credit card number) was stolen?

Do you share any of your passwords?

Complete Survey Results

Continue Reading

Evolution of LaunchKey Mobile

LaunchKey is PHP 7 Ready

LaunchKey to Host Mobile Authentication Design Challenge

LaunchKey's Brand New Java SDK

Password Survey - 84% Want Alternatives!

LaunchKey Releases Python SDK for Twisted

LaunchKey Introduces Native WordPress Support in Client SDK for PHP

LaunchKey Honored as 2015 "Cool Vendor" in IAM by Gartner

LaunchKey Releases Client SDK for Node.js

LaunchKey Labs: Log in and out from an Apple Watch

Celebrate The Death Of The Password With Us At Interop 2015

LaunchKey Password-less Cybersecurity Happy Hour at ISC West

LaunchKey Passwordless Authentication, PyCon, and Drones, Oh My!

LaunchKey Releases Brand New SDK for PHP

5 Steps to Help Prevent Identity Theft While Filing Taxes Online

New Biometric Facial Scan in LaunchKey Mobile

Rivetz Corp. Partners with LaunchKey

New Admin Features - Force Auth Factors, Security Fencing

Fingerprint Authentication

LaunchKey and Heartbleed

LaunchKey Now Available For Windows Phone Users And Developers

Enterprise Software Security Management Infographic

More Proof Passwords Fail to Protect Critical Information

In Honor of Movember, Introducing Share Stash

LaunchKey Exceeds Praetorian's Information Security Best Practices

LaunchKey Powers Local Motors Keyless Control Project

LaunchKey Achieves VerAfied Status

Killing Passwords with Anonymous Authentication

Infographic: Password-free Future

WordPress and LaunchKey: Kill Passwords on Your Blog or Website

LaunchKey Privacy

Public Beta Launch

Announcing Private Beta