“…by using Bluetooth Low Energy to pair a user’s smartphone to their computer, GoTrustID’s mobile app can essentially use the smartphone as a faux-USB security key, since a BLE connection still requires physical proximity.”
GoTrustID is taking advantage of the FIDO Alliance‘s latest authentication standard in a particularly creative way, announcing a new login system that essentially turns a user’s smartphone into a second-factor security key.
The FIDO2 standard is notable primarily for enabling online authentication using biometrics or a security key – the kind of compact device that can be plugged into a USB port and tapped to prove you’re actually physically present at a given computer or laptop. Meanwhile, FIDO “is waiting for the market to further mature before it supports BLE authenticators”, as GoTrustID explains in a statement announcing its solution. But by using Bluetooth Low Energy to pair a user’s smartphone to their computer, GoTrustID’s mobile app can essentially use the smartphone as a faux-USB security key, since a BLE connection still requires physical proximity.
What’s more, GoTrustID’s app can add biometric authentication to the mix, by leveraging fingerprint or facial recognition through the user’s smartphone. The new solution thus should help to further encourage the use of secure, on-device biometric authentication, and in a way that’s particularly convenient for end users.
“What can be easier than making you and your phone the critical credentials for FIDO security login?” asks GoTrustID CEO Darren Lee. “You and your phone are always together.”
GoTrustID’s mobile ‘APP’ is available for both Android and iPhone devices, while FIDO2 login is already supported by major cloud services from Google, Facebook, Twitter, Microsoft, Dropbox, Salesforce, Github, and Amazon.