In May, we added support for biometric fingerprint authentication to LaunchKey Mobile on supported devices. Today, we're excited to announce the release of another new biometric authentication factor: facial scan.
With this new inherence factor of authentication, you can authenticate with the biometric signature of your unique face. Instead of swiping the LaunchKey slider upwards to authorize an authentication request through LaunchKey Mobile, you'll utilize the front-facing camera on your mobile device to scan and authenticate your face.
Now that we've added facial recognition to LaunchKey Mobile, you'll automatically be able to extend this powerful authentication to any LaunchKey-supported system. With LaunchKey's WordPress plugin for example, LaunchKey becomes the first plugin to bring biometric facial recognition to WordPress. Check out our docs section to see what other systems LaunchKey integrates with or utilize our REST API to make your own integration.
Facial Scan is currently available on all supported iOS and Android mobile devices. To setup Facial Scan, enable it within your control panel inside LaunchKey Mobile. And don't worry about the sensitive nature of your biometric data -- as with all authentication data used by LaunchKey, your biometric data is encrypted and stored locally on your device and not on LaunchKey servers.
In June, we quietly released a couple of administrative security features that give developers and organizations more control over how their end users interact with their LaunchKey-secured applications. We've made these premium features publicly available to all developers while we test them in the wild, and we'd love your feedback.
FORCE AUTHENTICATION FACTORS
One of our objectives at LaunchKey is to put more power in the hands of end users to protect themselves with additional security by optionally enabling multiple factors of authentication on their mobile device. If an end user deems it necessary, they can enable any of the knowledge, possession, or inherence factors of authentication available within LaunchKey Mobile such as geofencing, the combo lock, Bluetooth device factor, and others.
However, sometimes an organization or application has such stringent security needs that they must ensure their end users (e.g. employees or customers) utilize a minimum level of security. For these use cases, we now provide the ability to force the use of specific authentication factors, type of factors, or amount of factors, from the API side.
To utilize this premium feature, log in to Dashboard, select the developer application you would like to enable this ...
We are excited to announce that LaunchKey for Android has been updated to support the Samsung finger scanner. This feature is currently available on the Samsung Galaxy S5, allowing anyone with this device to take advantage of password free logins secured by their fingerprint.
Starting today you can log in with your fingerprint to any site that has integrated LaunchKey. This includes WordPress sites, any site that supports OpenID (StackExchange, etc) and any additional LaunchKey integration. Developers and site owners can integrate LaunchKey today for free to enable fingerprint authentication.
To get started, simply update or download the LaunchKey for Android application and enable the Finger Scan feature. Any time a request comes in, your fingerprint will now be required to complete the login process.
This is the first step LaunchKey has taken into biometrics as a factor of authentication. We applaud Samsung for opening this feature up to developers and we hope additional manufacturers take notice. We will continue to leverage all hardware, devices and features available that enable LaunchKey to build a strong multi-factor platform for our users.
If you have any questions or comments regarding this feature, please contact us!
One of our priorities at LaunchKey is expanding our platform support in our effort to make LaunchKey truly ubiquitous. Today, I'm happy to announce LaunchKey is now available on Windows Phone through the Windows Phone app store. Just like our native iOS and Android apps, this app allows end users to respond to launch requests through their smartphone with optional authentication factors like geofencing or Bluetooth available for elite security.
Additionally, we've also released a Windows Phone OAuth SDK and native SDK for developers along with example Windows Phone apps on GitHub. As always, we encourage the white hat community to review our products and services for eligible security vulnerabilities as your responsible disclosure may be worth a bug bounty.
LaunchKey originally stemmed from an idea at Startup Weekend in mid 2012 involving multi-person authentication. Some uses would be sharing content with someone else that should only be accessed with that other person present, or multiple people being able to sign off on a single transaction. We thought it was similar to the often-depicted "Two Man Rule" used when launching nuclear missiles with two separate launch keys, thus came the name, LaunchKey. Today, we call this feature group authentication.
In a fun little side project in honor of Movember, a movement during the month of November to increase awareness for men's health, we've built Share Stash. True to the original idea, it allows multiple people to authenticate, in this case to a shared "stash" of images. Using a technology called TogetherJS from Mozilla, two separate users are able to share a single browser session. Once both log in with their LaunchKey credentials, they'll be brought to a stash that is shared only by them. There is no need to create accounts, every combination of LaunchKey users has their own unique stash.
Share Stash is a great example of LaunchKey's unique capability to secure data with multiple ...