20 Jan Synaptics ‘IronVeil’ Brings Biometric Security To The Desktop PC
Synaptics IronVeil technology on a ThermalTake gaming mouse (Credit: Anshel Sag)
Over the last week, there have been some important announcements related to client device security. Intel announced Authenticate yesterday, and late last week, Microsoft reiterated support for Intel’s Skylake with its Credential Guard. Security is becoming one of the most important things that businesses and consumers think about when it comes to their computer usage. Given the learnings from both the Sony and Target hacks, the increase in state sponsored hacking, and the press that the iPhone photo hacking incident received, this make a lot of sense. One of the leading companies enabling client device biometric security has been Synaptics through their fingerprint sensor technologies.
At CES 2016, Anshel Sag and I sat down with Godfrey Cheng, Synaptics Vice President of Marketing, and had a chat about “IronVeil”, Synaptics new biometric security technology for desktop PCs. Synaptics believes IronVeil will not only bring more security to the day to day desktop PC productivity user, but also to the gamer who spends even more time with passwords than the regular PC user. All of the digital goods and micro transactions that games have nowadays pushes the use case for something like IronVeil beyond being just a comfort, but a necessity.
Synaptics fingerprint reader (Credit: Anshel Sag)
The purpose for Synaptics bringing IronVeil to the market has a lot to do with the increasing need for more security and having to remember multiple complex passwords and/or use multiple factors of authentication like an SMS message. These have all made the PC user experience much worse because people forget or mistype their passwords and in some cases can get locked out. The likelihood that users will forget their passwords only goes up as they use more mobile devices that already have biometric security installed. Once you add up all of the time from forgotten passwords and mistyped passwords, you start to realize that something like IronVeil makes a lot more sense since it requires physical presence for security as well as doesn’t require the user to remember any complicated passwords.
The biggest problem for the industry in this space is that biometric authentication methods aren’t communicating outside of their given platforms. They’re in a walled garden. Samsung Electronics and Apple allow for biometric authentication inside their applications and devices and publish APIs to connect, but many service providers sit on the sidelines because it’s too much work. This problem is being solved, thankfully, by the FIDO alliance. FIDO (Fast ID Online) exists to create an industry-wide method of adopting biometric security as a single or multi-factor authentication (MFA) and to standardize those processes and security requirements so that there can be certified devices that are compliant with FIDO. By creating this standard and certification process, the industry will be able to work together in both hardware and software to enable secure authentication through a broad set of applications outside of just logging into a device. As of today, there are already over 100 FIDO certified products on the market and companies like Google, PayPal, Samsung Electronics, Bank of America, NTT DoCoMo, Dropbox and GitHub already have FIDO-enabled authentication protection.
While having FIDO compliance and ISV (integrated software vendors) onboard with IronVeil is extremely important, it is also important to know that Windows 10 already comes with built-in biometric authentication capabilities. These capabilities are branded as Microsoft’s Windows Hello, which I have extensively used on my Surface Pro tablets as well as my SurfaceBook. However, Synaptics’ IronVeil allowed me to connect my mouse to virtually any Windows 10 PC and enable Windows Hello through my fingerprint enrollment process. What makes Windows Hello so fantastic is that it enables you, the user, to log in to your PC faster than you ever could if you used a password and more securely because it uses a fingerprint. Microsoft has already bult-in FIDO compliance into Windows 10 with their Microsoft Passport authentication management suite that allows you to enable multi-factor authentication and biometric authentication like Windows Hello.
At CES in my meeting with Godfrey Cheng, I was given a Thermaltake Black V2 mouse that was modified with Synaptics’ IronVeil technology inside. Most people, to be quite honest, would have no idea that this mouse even had a fingerprint sensor integrated into it. Thermaltake and Synaptics did a fairly good job integrating it into the mouse. The initial setup only required me to install the mouse and some software that came on a USB drive. Beyond that, all I had to do was start up the software and enroll my fingerprint into the software and it stored it for me in my Microsoft Passport. I was then able to restart the machine and log in with a quick tap of my fingerprint on the side of the mouse.
I’ve been using it for almost a week and I’ve found the experience to be much better than typing my password, which sometimes in the morning can be difficult when my fingers aren’t placed on the keyboard right or I’m just not fully awake yet. The IronVeil sensor on the Thermaltake mouse hasn’t given me any false positives and has worked for me at least 50% of the time on the first placement. If not, it almost always works on the second try. This, I believe, is because of the fingerprint sensor’s placement which was decided upon by Thermaltake and is in a bit of an unnatural location for me. Your mileage may vary. I would have preferred that Thermaltake put it in a more natural location because Synaptics’ technology is very good at preventing false positives and it shouldn’t be an issue to place it somewhere closer to the palmrest of the mouse. But even with this small caveat, I assume there will be others that will implement IronVeil with perhaps different placement and can make the experience even better than it already is. The overall experience of using IronVeil has been fantastic and has genuinely shaved off quite a bit of time for me when logging into my desktop since my webcam doesn’t support Microsoft’s Windows Hello.
(Credit: Anshel Sag)
The largest opportunity for Synaptics’ IronVeil lies within the exploding eSports scene that was mostly created thanks to “free to play” games like League of Legends. Like on smartphones, these free to play games make most of their money from micro transactions which require the user to authenticate every time they purchase something. That means a lot of passwords and authentication to verify the purchase. These game developers should be extremely interested in implementing something FIDO-enabled with IronVeil and working with the many mouse and keyboard manufacturers to enable secure biometric authentication. This way, they can more securely protect users’ accounts in games like DOTA 2 and League of Legends where some gamers may have thousands of dollars’ worth of digital goods on their accounts ripe for theft. It also protects the eSports tournament organizes from worrying about the identity of some of the people competing in online competitions. This means that they can have gamers use IronVeil-enabled mice in conjunction with their live streams to ensure the utmost levels of security. Even the eSports betting scene like Rahul Sood’s Unikrn can utilize this technology to more securely and definitively protect people’s betting accounts since the assumption is that 90% or more of their users are already gamers that play the games they’re watching.
The applications for Synaptics’ IronVeil in gaming and non-gaming on the desktop PC are vast and make a lot of sense for a lot of reasons. It also enables PC peripheral manufacturers like Thermaltake to create products that allow them to differentiate themselves and charge an even price. Gamers who use IronVeil mice will not only have better overall PC day to day experiences but they will also have more secure and easier gaming experiences as well. I think this becomes a “no-brainer” once FIDO becomes a standard across the entire industry. I would honestly love to see this in computer peripherals of all types, but the gaming use case really stands out as one of the strongest, especially among eSports and free to play gamers.