Wearable Consumer Security: Credit Card, Password, Keys, Wallet in Smart Token Ring

The digital world is no longer about cops and robbers but large-scale cybersecurity issues that the Token Ring, a $250 smart ring, addresses at the endpoint level. Unless you live off-the-grid and can do away without passwords and keys, the constant fear of identity theft can be overwhelming. And with everything going digital, keeping secure and authenticated (and not forgetting credentials) is a daily struggle that we wish simplified. How big is this problem globally? The Nilson Report in October 2016 reported the logarithmic rise of annual credit card fraud from 3B in 2000 to over 24B in 2016.

For anyone who has been hacked, it becomes an obsession to manage the risk and ensure that every connection is not just convenient but safe. But choosing which gadget to use among the many in the market is a difficult task. One of the things to consider is whether the developers can keep in step with the pace of IoT, AR, and AI growth. With the Token Ring, you have the confidence that it is not an innovation that’s bound to be just a passing trend like Snap Glasses.

 There was a time when smart wearables were bulky, superfluous, and was more of a problem than a solution – everything that this smart jewelry isn’t. The Token Ring has two-factor authentication and is equipped with a fingerprint sensor, Bluetooth, and NFC (near-field communication) for a contactless operation that does not require Wi-Fi, 3G or LTE. The Token Ring is fully capable of replacing your wallet (MasterCard or Visa), car keys, house keys, access cards and transit cards as well as managing your myriad passwords for your computer (PC or Mac) and other gadgets.

Its minimalist style, functionality, durability, and stylish colors like rose gold, brushed sterling, and rhodium makes it a good-looking, indispensable, discreet assistant that can open doors, gain you office access, pay with MasterCard or Visa, turn-on your computer, and more by scanning, tapping and knocking. Made of Argentinium Sterling Silver, it is more tarnish-resistant than regular silver finishes and has resin protecting the components in the inner rim.

It pulses rainbow lights when it recognizes the user and flashes a blinking red LED light when it doesn’t. According to Steve Dunkel, the fingerprint data used to authenticate the ring is “stored on the secure element within your Token. It never leaves the ring, so you can be sure that it’s safe.” Aside from this chip, it also has an optical sensor that detects when the Token is taken off your finger and “automatically locks the credentials” so it can’t be used by others.

No worries about it getting lost or stolen as it’s uncrackable once removed because it takes biometrics and the ring for it to work – otherwise, it stays locked. Once authenticated, there is no need for a smartphone to process contactless transactions. It is waterproof to a depth of 50 meters, comes with a USB charger and can last 14 days on a single charge. And to personalize the experience, it comes in just your size and authenticated only to a single user. You can even engrave the outer layer to a depth of .6 mm without damaging the core. For now, it only ships in the U.S. but can be used internationally and can load multiple credit cards.

Token works by sending NFC payments from the secure element to the payment terminal. It all works very similarly to Android or Apple Pay. – Steve Dunkel

The company is headed by Steve and Melanie Shapiro (see photos), creators of Digsby, a platform for managing social identities. Combining their Bloomberg and Microsoft expertise with the track record and technical skills of Richard Lourette and Stephen Schultz in biometry, imaging, cryptography, software, hardware, and satellite technology makes the company a heavyweight in embedded wearable devices. Currently, they are working with the biggest names like Microsoft, Visa, MasterCard, and supported by investors among them Bloomberg and Future Perfect Ventures.

“One ring to access everything … Token is your password, house key, credit card, car key, access badge and transit card.”       Steve Shapiro

Photos and video courtesy of Token Ring.

Skygofree: Spying on FB, WhatsApp, Skype and Credit Cards On Your Android

Malware is definitely getting more sinister and Skygofree, said to be in existence since 2014, was reported by Kaspersky as vicious enough to steal messages and take over your phone camera and steal data. The ultimate eavesdropper, Skygofree does not actually read WhatsApp and Facebook encrypted messages but goes around this limitation by capitalizing on Android’s Accessibility Services, something that was created for people with disabilities or limited interaction with the smartphone or tablet.

Kaspersky Lab researchers have uncovered an advanced mobile implant, active since 2014 and designed for targeted cyber-surveillance, possibly as an ‘offensive  security’ product. 

Late last year, it was considered one of the most sophisticated malware affecting Android operating systems because it can link-up infected devices to Wi-Fi networks under the control of the attackers. Unlike in the past when malware was released by cyber attackers, word has it that an Italian company selling surveillance systems developed this malware with root access. Hence, it is capable of reading practically anything on your device’s memory including geolocation, text messages, calendared events, business data, and personal information. It can also take photos, record video and conversations automatically without as much as alerting the owner that anything was remiss. It has better control of infected devices and can record the once impregnable Skype conversations.

Skygofree is a sophisticated, multi-stage spyware that gives attackers full remote control of an infected device.  – Kaspersky

You realize the gravity of the security risk when you realize just how much information you’ve entrusted to your smartphone. You read emails, write notes, store passwords, credit card information and even hold virtual work meetings using your Android.

According to Kaspersky, the malware is spread through landing pages that mimic mobile network operators. Users are then tricked into installing and using the app. If you notice your smartphone is fast draining charge and heating up, it may be infected by Skygofree and other Trojans). Aside from the 48 commands it can execute, it can circumvent battery-saving mechanisms (such as in Huawei) and unobtrusively implant itself as a protected app. A particularly dangerous quality because it remains quietly operating in the background when the screen is off.

How does Skygofree do it? Once installed from fake sites, you will see a notification that may be permutations of this “Dear Customer, we’re updating your configuration and it will be ready as soon as possible”. It sounds official and above-board and doesn’t raise suspicions. However, if you detect something off and want to address this by deleting or uninstalling the app, you are in for a big surprise! The trojan hides the icon in background services where it isn’t easily removed from the system. According to Kaspersky, this self-protection feature affects almost all services. Windows itself could be the next target and this has already started with infiltrating Skype.

Prevent infection by Skygofree by:

  • installing antivirus/anti-malware protection such as  Kaspersky Security for Mobile.
  • being cautious when opening mail from unknown sites
  • not opening attachments
  • downloading only from known sites and
  • turning on Application Control if you are the system administrator.

White hat hackers receive Visa debit cards from Facebook

Good news for Hackers out there. Facebook is handing out “White Hat Bug Bounty” Visa debit cards.

The more bugs and exploits you find, the more Facebook will pay you by depositing the money in the card. It is said that the company is paying at least $500.

This effort by Facebook tries to reach out to Hackers in a way for the company to welcome the help of these experts. Instead of attacking their site, the company is trying to team up with them to further improve the site’s security and other services.

One good thing about this program is that Facebook doesn’t seem to have a maximum payment. So the more you find, the richer you get.

But there is a catch. In order for white hat hackers to redeem their payouts, they must first agree not to disclose the weakness for a “reasonable amount of time”, and at the same time they have to make a “good faith effort” in avoiding privacy violations.

According to ZDNet, the current highest paid bounty is about $5000. Facebook currently receives help from 84 different individuals they call researchers.

Image Source: theinquisitr.com

Exit mobile version