Motorola Uses NFC To Enable Touch-to-Unlock For Smartphones

colinneagle writes "A lot of people don't password-protect their smartphones, and even those who do employ a simple four-digit passcode to at least keep it a little convenient. Their phones aren't really protected, as the National Institute of Standards and Technology (NIST) recommends a 12-character random password. Those who check smartphones 50 times a day would probably get tired of that. So Motorola developed the Skip, an NFC-based unlocking tool smartphone users can clip to their clothes. Tapping an NFC-enabled phone to the Skip unlocks it. The Skip also comes in sticker form, so users can install one in their cars or at their desks." That's why the muggers want your jacket, too.

Re:

[Firethorn]

Of course not! They don't want to use some tool specific to the user's security system. They'd much rather just slurp the contents of the phone remotely through the carrier.

Re:

[fuzzyfuzzyfungus]

Of course there will be no government-mandated backdoors in this.

Why would there need to be? It is a matter of controversy whether passwords/phrases are protected from disclosure under the 5th amendment; but physical unlock fobs that can be seized definitely don't enjoy anything more than 4th amendment warrant requirements (and, on a bad day, probably not even that...) A physical fob makes the system markedly more accesssible to authorities, even ones acting within the law.

Re:

[PopeRatzo]

It is a matter of controversy whether passwords/phrases are protected from disclosure under the 5th amendment

I don't think you can call it a "controversy" when the government thinks the Fifth and Fourth Amendments don't apply and the citizens think it does.

I haven't met many people who didn't work for the government who didn't believe their passwords are protected.

Maybe "controversy" isn't the right word.

Re:

[fuzzyfuzzyfungus]

The executive branch considers both to be either ornamental or objectively pro-terror; but RE: passwords and the 5th, my understanding is that judicial opinion has been rather muddled and decisions have gone both ways in various places, which counts as 'controversy' in my book.

I...hesitate... to appeal to public opinion because that seems to vacillate, among all but the most studiously consistent, between "The gummint is taking my rights!!!" and "I saw on TV that he did it, why can't we just lynch him?".

Re:

[PopeRatzo]

A physical fob makes the system markedly more accesssible to authorities, even ones acting within the law.

Simple: make the fobs edible and fully digestible.

Re:

[icebike]

Why would there need to be? It is a matter of controversy whether passwords/phrases are protected from disclosure under the 5th amendment; but physical unlock fobs that can be seized definitely don't enjoy anything more than 4th amendment warrant requirements (and, on a bad day, probably not even that...) A physical fob makes the system markedly more accesssible to authorities, even ones acting within the law.

Right, if they got your phone, chances are that they took it off of you, and have your Skip-Chip as well.
(Its actually not really even a fob, its just something to slide over your pants pocket or belt. (Better Picture Here [talkandroid.com]).
Comes in a set of three, because you WILL soon lose it.)

But with an APP [google.com], and a cheap NFC stickers you can make your own with any android phone that has an NFC chip.

Some states are Not allowing mobile device searches [abajournal.com] without a warrant warrants, but that is a trifling impediment. When t

Re:

[barlevg]

https://play.google.com/store/search?q=fingerprint%20unlock&c=apps [google.com]

Re: implant

[ross.w]

I do this already using Tasker. Definite prior art there.

Clever

[Nerdfest]

That's a good idea. I think I'll do the same thing with an NFC tag and Tasker. You could also just use any old expired card with an NFC chip in it in your pocket. When I finally get my Pebble watch, I'm planning on having the lock disabled when they're connected to each other.

Re:Clever

[PhrostyMcByte]

It'd be really clever if someone made it into a ring [nfcring.com].

Re:

[PopeRatzo]

It would be more clever if someone made it into an edible piece of candy.

Think of it: A jar full of individually-wrapped Lemonheads sitting on your dresser. They can be "charged" and will work to unlock your device for one day (or one hour), after which they are useless. Can be dissolved in water or swallowed and completely digested.

Personally, I like complex gestures better. It's not that hard to learn to draw a figure that is completely unique to your hand and is extremely hard to forge (especially si

Re:

[PopeRatzo]

Just don't look too hard at that odd-shaped smudge on your screen.

My screen gets covered with all sorts of oddly shaped smudges just from daily use. I would doubt that forensics have advanced to the point where the greasy smears on my screen protector can be deciphered.

Especially if you put the area for the entry of that complex gesture right over the part of the screen that has the virtual keyboard.

Or, how about unlocking by using very specific, complex movements of accelerometer-enabled smartphones, held

Re:Clever

[Areyoukiddingme]

Damn damn damn. You had to paste that link 3 days after the Kickstarter ended, didn't you. If only I'd known. That's what I've been wanting ever since I heard about NFC.

Now I have to wait around until they're selling them, and fork over the extra 6 pounds.

Re:

[Sky Cry]

No need to wait for the Kickstarter version, if you can get this sooner: http://www.nfcworld.com/2013/06/21/324745/geak-unveils-nfc-smart-watch-and-contactless-ring/ [nfcworld.com]

Re:

[wile_e8]

I've thought about the same thing, but doesn't the phone need to be unlocked for NFC to work? (at least on Android, which is what I'm assuming you're talking about since you mention Tasker). I've seen some mods to get around this, but they never worked on my GNex.

Re:

[ElderKorean]

I've thought about the same thing, but doesn't the phone need to be unlocked for NFC to work? (at least on Android, which is what I'm assuming you're talking about since you mention Tasker). I've seen some mods to get around this, but they never worked on my GNex.

I would be happy if there were options of:
"If I see this WiFi network ....., then don't require a password to unlock the phone (also turn volume up)" for at home
"If I see this WiFi network ....., then don't require a password to unlock the phone (also turn volume off)" for at work

Re:Clever

[Stealth Dave]

I agree, it is a good idea, and I did [xda-developers.com].

Re:

[Nerdfest]

Thanks, nicely done!

12 digit?

[Anonymous Coward]

Assuming unlimited password tries, 4 characters is enough. I use pattern lock on my phone and it times out indefinitely after 5 failed attempts, requiring a Google Account Username/Password verified online. 12 digits would only be required for real security if there were no timeout.

Re:

[Anonymous Coward]

I wouldn't mind the Skip plus four characters. Multi-factor authentication, so if the phone is stolen, the really long code is required.

I do this already -- you can split up the screen locker password from the password that unlocks the /data partition, so when the phone first boots, it will ask for the long password, then from there on out, one uses the fairly short screen locker PIN, and too many guesses will cause it to time out.

It isn't bulletproof, but good enough. I wouldn't mind having a NFC key as

Re:

[Anonymous Coward]

Should read "limited password tries" not unlimited. There's always time to proofread after I submit it, right?

Re:

[a-zarkon!]

To confirm - power-down reboot doesn't clear the lock on your phone? If that's accurate, that's cool. Can I ask which phone and OS you're running?

Even more convenient.

[fahrbot-bot]

Tapping an NFC-enabled phone to the Skip unlocks it. The Skip also comes in sticker form, so users can install one in their cars or at their desks.

Or stick it to the back of the phone. :-)

3 pillars...

[Em Adespoton]

Something you have, something you are, something you know.

Seems like this involves 2 "something you have"s. Added alongside facial recognition, and it'd be fairly secure. But by itself....

Re:

[chuckinator]

Facial recognition is painfully insecure and can be easily broken with a portrait photograph of the person you're trying to impersonate. It's security theater for the kool-aid drinkers.

Re:

[geekoid]

It's in its infancy, and not kool aid.
That said, the vast majority of unexpected phone access come from people leaving their phone someplace. What are the odds that the person who finds it ALSO has a picture of you?

Security isn't about absolutes, it's about layers, risk, percentages and time.

The issue you bring up have been solved in high end racial recognition tools.
Eventually the phone.

Re:

[Beorytis]

On the bright side though, the muggers won't beat your face up (at least not until they unlock the phone).

And what ?

[lord_rob the only on]

Actually that means that thieves have to steal two objects (that NFC thing added to your phone) instead of one (your phone alone).
Harder for thieves maybe, but the harder it becomes for them, the more violent towards you they can become. I don't think it's a very wise idea ...

Re:

[geekoid]

Actually, the hard it gets the less crime there is. You don't really need to raise that bar very far.

Re:

[mattpalmer1086]

I guess the point the OP was making is that the remaining crime may become more violent. But I agree that a lot of opportunistic crime would essentially disappear.

Re:

[hibji]

Apparently it is free when ordering from motomaker...

Re:

[swillden]

Actually that means that thieves have to steal two objects (that NFC thing added to your phone) instead of one (your phone alone). Harder for thieves maybe, but the harder it becomes for them, the more violent towards you they can become. I don't think it's a very wise idea ...

It's always amusing to see the lengths to which some slashdotters will go to criticize an idea.

Re:

[lord_rob the only on]

The role of of the comments is to stimulate debates. There are no debates without people for and against a concept.

Re:

[swillden]

The role of of the comments is to stimulate debates. There are no debates without people for and against a concept.

If I had more time, I'd invent some bizarre and ridiculous counterargument.

Inc

[Impy the Impiuos Imp]

> smartphone users can clip to their clothes.

Seems inconvenient. Can they build it so I can clip it to my smartphone?

Re:

[Em Adespoton]

The 4 digit pin isnt to keep some hacker from accessing your phone. its to keep a casual acquaintance/friend/coworker/family member from easily getting access to your phone which has private content on it. Even them most vanilla person in the world has personal info. The wilder ones have self-porn. I dont use a password but I also never leave my phone unattended. Also dont have nudity on my phone...

Do you have passwords for other accounts on your phone? Contact info? Addresses, calendar invites? Call logs?

Re:

[Beardo the Bearded]

In Canada, a password means that the police require a specific warrant to access your phone.

If it's not protected, they can just put their dick in there if they're arresting you or even just asking you questions.

Theres already an app for that ...

[MondoGordo]

nothing new here folks .... NFC Secure ... https://play.google.com/store/apps/details?id=com.t3hh4xx0r.nfcsecure&hl=en [google.com]

Re:

[barlevg]

What do you use as the NFC key? Only NFC device I can think of in my possession is, well, another phone.

Re:

[MondoGordo]

any NFC tag ... they're available online for less than a buck apiece.

Re:

[geekoid]

It will pair with any NFC key. So if you are using one for something else you could use that. You could get one of those NFC rings.
Maybe an old CC card?

Re:

[noh8rz10]

yeah but at least they can't access your selfies.

Re:

[Beardo the Bearded]

Kickstarter products don't exist until you've opened the package. It's like software. If your best friend that you trust with your life promises the software will be ready tomorrow, then you don't depend on that software being ready until you've installed it.

This Skip is available in real life.

won't even need a $5 wrench...

[slew]

Obligitory [xkcd.com]...

Re:

[noh8rz10]

If only somebody would invent or release a phone with a fingerprint sensor! maybe in 2020 or something like that... but who has the knowhow and innovative spirit to do such a thing?

SnowShoe would be a lot more convenient

[Laxori666]

New tech startup called Snowshoe [snowshoestamp.com] has an interesting take on this. Basically it's a fingerprint that already works on all existing touchscreens. Doesn't require any battery power. I saw their 5-minute pitch from the latest TechStars, seemed interesting!

Re:

[hibji]

Why would would it be more convenient? The snowshoe stamp requires the screen to be on. The stamp itself doesn't require battery power, but neither does an nfc chip. The stamp is also huge in comparison to an nfc.

12 Characters?

[wisnoskij]

Why would you ever need so many. Only allow fives tries a minute, after the twentieth try go into deep lock-down mode and only allow some admin password to unlock. There three digit password is good enough now.

Re:

[hsmith]

Because, the "twentith lockdown mode" is useless. Image the phone and you can have as many tries as you want.

50 times a day...

[GumphMaster]

Those who check smartphones 50 times a day would probably get tired of that.

Further aiding and abetting their addiction is probably not a good idea.

Real News: MotoX has NFC chip active when locked

[slacklinejoe]

The part most folks are missing that while you could do this on certain custom roms, almost every phone maker has the NFC sensor turned off unless the device is unlocked. While I use tasker and NFC quite a lot, I can't make it do this without installing a custom rom that enables the NFC. Now the flip side is that if the device is processing NFC when locked, that means someone can bump into you and have your phone activate website URLs or trigger things like google wallet depending on your settings.

Atrix 4G

[chavez chiu]

That's why the phone is great, just a swipe with your finger on the fingerprint sensor. I've no idea why they get rid of this idea.