Shortly after Apple Inc. announced it would open the iPhone's TouchID fingerprint authentication system to third-party developers, Nok Nok Labs began working to integrate it into a product embraced by the Fast IDentity Alliance.
Nok Nok has played a significant role in the FIDO Alliance, established in 2012 to develop stronger e-commerce security. As a founding member of FIDO Alliance, Nok Nok Labs developed the S3 Authentication Suite as the security foundation for FIDO-enabled devices.
A FIDO-enabled device used for access to e-commerce sites can use any number of technologies, including a camera, fingerprint reader, microphone, processing chip or digital certificate.
Nok Nok spent two days testing and integrating TouchID to plug into the lab's multifactor authentication client. Now, any existing application integrated with the authentication client will be able to use TouchID immediately when Apple releases its iOS 8 system in the fall, Nok Nok states in a blog post this week.
Nok Nok emphasizes how TouchID makes it easy for a consumer to set up online authentication, using the iPhone's fingerprint sensor to approve a transaction.
TouchID currently has only two capabilities it can determine if the user was successfully authenticated to the device by the scanner, and it can unlock iOS keychain data with successful fingerprint authentication, Nok Nok says.
This type of local authorization does not provide a way for the app or user to authenticate to a remote server. App developers wanting to implement remote authentication must create their own software, Nok Nok says.
A mechanism to accomplish remote authentication could use the TouchID Keychain application interface to store passwords, Nok Nok says. In that way, a successful fingerprint authentication can unlock the password and allow the app to use that password to authenticate on behalf of the user.
However, Nok Nok says its S3 Authentication Suite software provides a more secure user-friendly option of generating a private-public key, with the private key protected through the TouchID/iOS Keychain and the public key being stored on a server.
"Bringing Touch ID into the S3 Suite fold allows us to offer authentication on iOS devices using not only fingerprint recognition but also other methods such as face recognition, voice recognition and secure PIN with a single integration," Nok Nok states in the blog post.