Cybersecurity Wearables. The Evolution of the Form Factor. Part 2: From Physical to Digital Keys
Offensive security is the oldest and most effective. We saw it in the hominid with a stick example from the previous post. However, “offensive” means gear, human resources and brings along with it, an increased risk of counterattack. That’s why some time after the stick humanity invented a lock and a key. The history of the modern locks and keys starts in the England of the Regency era.
In 1817 there was a burglary at Portsmouth Dockyard — one of the British’s most important naval bases. The burglars used fake keys to open the locks protecting the dockyard stock. The damage was so substantial that the British government announced a competition to produce a lock which could be opened only with its proper key.
Jeremiah Chubb and his brother Charles, who were both working at the Dockyard applied. Their Chubb detector lock won the competition and became the industry standard for almost almost 30 years.
London’s Great Exhibition of 1851, was a cold shower for the British home owners. American locksmith named Alfred Charles Hobbs was able to open both: the Chubb lock and Bramah’s lock — another great British mechanism invented in 1784. The Times wrote: “We believed before the Exhibition opened that we had the best locks in the world, and among us Bramah and Chubb were reckoned quite as impregnable as Gibraltar.” After the London Exhibition the cluster of innovations in the locksmithery moved overseas to the United States.
In 1843, American inventor Linus Yale Sr. patented improved pin-tumbler lock — a design which we still use today. In 1861, his son Linus Yale Jr. patented a small flat key with serrated edges. This is the same modern flat key which just might be in your pocket or purse right now.
The Keys of Heaven
Key fobs are as old as keys themselves. However, until locks were miniaturized enough for the key to fit in the pocket, key fobs were primarily informative or decorative. One of the great examples would have to be the keys of heaven — the symbol that is still present on the Coat of Arms of the Holy See and the Vatican City.
At the time when Peter Paul Rubens was painting his famous ‘Saint Peter as Pope’, the door keys weighed several kilograms each. Thus it was impractical to carry them around in the pocket. To lessen the weight of the keychain a cord was used instead of a metal ring that is more common now. The huge weight also meant the keys were unlikely to be forgotten.
Saint Peter as Pope with the Keys to Heaven. Painting by Peter Paul Rubens (1577—1640). Reproduction photo by Wikipedia user Alexcoldcasefan. Vector rendering of Vatican coat of arms by Wikipedia user F l a n k e r. The golden key opens the gate to the heaven. The silver key indicates the spiritual authority of the papacy and of the Catholic Church on Earth.
Further industrial development, led to the miniaturisation of locks and keys. The key fob started helping its owner locate the key among many others. In the 1990s, immobilizer technology was widely adopted in automobile security. The role of the key fob evolved from auxiliary, to being the primary access token. In most automobiles produced after 2014 the physical car key performs only a backup function, should the software or hardware of the electronic key fail.
Next came the time for key fobs in computer security. By the early 2000s computers were running banks, defence systems and hospitals. Mere passwords were not enough to protect them. RSA Security, a firm established by three creators of the well-known encryption algorithm, introduced SecurID key fob and ecosystem.
A Security Fob that Dared to Make it to Your Key
SecurID access token generates authentication codes at fixed intervals using a built-in clock and the ‘seed’ — a factory-encoded random key. The resulting code is used as part of an enhanced authentication mechanism called “multi-factor authentication”. Please see a separate post in this blog, if you’re not familiar with the concept of multi-factor authentication.
In 2011, SecureID infrastructure suffered a major hacking attack, becoming yet another ‘impregnable Gibraltar’. The attack marked the gradual demise of RSA as the undisputed leader of the cybersecurity industry. Soon, other hardware cybersecurity tokens started to appear, the most notable being Sweden-based Yubico with their product Yubikey.
However, what’s interesting to us within the scope of this post, is not the security architecture of RSA SecurID or Yubikey, but the way customers carry these tokens around.
SecureID has a metal ring next to its secure element to the left of the device. The ring enables two major form factors for wearing the device: a ‘badge’ and a ‘key fob’.
Neck Devices: from Totems to Your Office Card
The ‘badge’ form factor of RSA SecureID brings us to the most important zone of the human body or ‘the triangle of life’. We will not spend reader’s time on a decade-long debate about the health concerns of placing electronics next to human breasts. However, in terms of usability the neck, shoulders and breasts are extremely challenging destination for electronic wearables.
Since the appearance of the earliest religions, the triangle of life had sacral meaning. People of various nations and religions placed the sacred objects on their necks and breasts using laces, cords and chains. The tradition survived until modern times, and is practiced by major modern religions of the World.
That’s why, health concerns aside, not all people find it acceptable to wear security devices or electronic access cards on their necks. People are not ready to give out their very private space to the office wearables. The author’s own RSA SecurID token never made it to his neck, despite being duly supplied with a neck strap.
Nevertheless, some of us remember wearing a house, or an apartment key, on a necklace to school or while playing with other kids in the backyard. The trend in wearing the devices as badges, pendants and necklaces is increasing in the 2010s. The primary reason is that RFID access cards become increasingly embedded inside the photo badges. Some might say that RFID is the modern equivalent of the backyard necklace. As we know, many government institutions worldwide require such badges to be visible at any time while a person is present inside their premises.
Despite the issues that we indicated in the previous post, explaining the evolution of the wearable form factors, key fobs have vast untapped potential. Carrying the keys around is a habit. Technologically it’s already possible to live without having to carry the keys around. However, human habits are the toughest part of the daily routine, as our readers who were smokers might agree. Habits create markets. Carrying the keys around is definitely not the worst habit to have. It will continue to be a huge market for decades.
Without a display, with energy efficiency and being highly customizable, Hideez OS for our miniature Hideez Key 2 is powerful, safe and enduring. As we already know: it can be converted into a wristband within a matter of seconds.
The badge, or pendant, form factor also presents a number of opportunities. Proximity to the triangle of life enables additional biometric identificators like breathing rate, muscular activity in the breast and neck zone, etc.