Google acquires SlickLogin: dogs go wild!
SlickLogin, an Israeli start-up, is behind the technology that allows websites to verify a user's identity by using sound waves. It works by playing a uniquely generated, nearly-silent sound through your computer speakers, which is picked up by an app on your smartphone. The app analyses the sound and sends a signal back to confirm your identity.
The firm confirmed the acquisition on its website but did not provide any financial details of the deal.
Too bad they don't still put whistles inside packages of Cap'n Crunch cereal!
(Score: 2, Informative) by edIII on Tuesday February 18 2014, @06:15PM
That's really no different of an authentication scheme than one that just goes through the Internet. Authentication is performed because the smartphone decrypted a payload to send back. That smartphone still needed to be secured through other means.
What this is really more like is out-of-band key exchange.
Website sends random number in plain-text. Smartphone detects random number. Smartphone applies agreed upon mixing procedure (probably traditional crypto) and sends back through communications medium that is different than website-device being authenticated.
An eavesdropper would need to present in all 3 mediums, as well as the attacker. Website-Internet, Physical Environment, Smartphone-Internet.
Out-of-band is not a new concept either. Google already has a patent on another form of out-of-band key exchange.