BARCELONA, Spain — Security is one of the biggest issues facing basically anyone who does anything online — not just the constant hackings and data exposures, but the sheer challenge of managing a mountain of disparate passwords and security schemes. Trying to keep everything straight is increasingly impossible, which leads many to turn to rather less secure system. You know: pads of paper and shared online documents.
We just got a demonstration of a solution from Hoyos Labs what looks like it could be a better system. Called HoyosID, it’s an app (iOS and Android) that uses biometric data to uniquely identify you. Namely: a selfie. Launch the app and it flips on your front-facing camera to verify who you are and then, in concert with a desktop browser plug-in, securely signs you into the Web site in question on your PC. Any Web site. The system looks at facial structure and other biometric information to ensure you are who you are and not simply a picture or video of you. (Or some other bloke with a beard and a nice smile.)
To use the app you must begin with the painful process of entering your usernames and passwords into the encrypted database maintained by the app. It’s stored locally and never pushed online, so in theory even if the Hoyos servers were compromised, your data would remain secure. Then, after you install the requisite browser plug-in, you simply tap on the site you want to sign into and smile for the camera. If you are who you say you are, the app enters in your username and password and, hey presto, you’re logged in.
Where it gets more interesting is the ability to share with other users. Enter their e-mail address and they get a notification that adds the site to their list in HoyosID. It’ll even keep things current across users and devices, so if you change the password, the updated (and encrypted) string will share across phones.
We spoke with Hector Hoyos, CEO of Hoyos Labs, about the app, who indicated this is a first step of rolling out biometric security to the masses. His company has also developed password-free B2B solutions, and the hope is that this sort of solution could be integrated into this consumer app as well. Eventually. “We have no relationships with any of these companies,” Hoyos clarified, though some have expressed interest. Some, too, don’t like the idea. One bank in particular is already trying to block the password-entering piece of the equation, and we wouldn’t be surprised if more do the same.
The app launches next month and will be available for both iOS and Android. The iOS version will cost you $1.99 per year, while Android users get the first year free — but after that they, too, will need to pay up.