Biometric Authentication Ring Gaining Traction

Secure your business with CyberHoot Today!!!

Sign Up Now

Token Ring the new company (not the old networking token ring technology), just received Series C investment that will accelerate growth and demand for its new biometric authentication tool – a literal ring you wear. The Token Ring features FIDO2 support and can be paired with a user’s phone using the Token Ring App. The tool is gaining traction in cybersecurity as a next-generation passwordless authentication tool supported by industry behemoths Microsoft, Apple, and Google.

Token Ring

Token Ring aims to eliminate the friction of Two-Factor Authentication methods. Current 2FA methods combine a username and password with a one-time passcode generated from a text message or smartphone authentication app to identify and authenticate a user. Token Ring eliminates these challenges by authenticating users with a simple gesture by the person wearing it. Users log in passwordless and never have to sign into their devices manually. Token Ring accomplishes this through its integrated fingerprint sensor ensuring it will authenticate the owner of the ring and no one else. 

Token Rings pack a lot of technology into a tiny ring device. Token Ring explains how it works:

“High-density laser-etched circuit boards, wafer-level chip packaging, and a highly optimized layout allow Token’s 83 components and 3 antennas to fit into a 0.25 cubic centimeter space. An advanced power management system orchestrates 3 microprocessors, 3 autonomous sensors, and 2 energy-efficient radios to deliver up to 20 hours of battery life. The platform is designed with security in mind, delivering bank-grade authentication thanks to an EAL-5 certified Secure Element and a 508 dpi capacitive touch fingerprint sensor.”

While the tool appears to be in line with FIDO’s Passwordless Initiative, it appears that it will also be able to be used with Two-Factor Authentication (2FA) services. With the growing adoption of biometric authentication in concert with 2FA tools, Token Ring is looking to grow in that space as well. An interesting aspect of this product is that the company’s vision is to have this ring used in almost all aspects of your life, wearing it all day every day. In addition to logging into critical accounts, it can be used to pay for products and services (similar to apple pay), unlock/lock your house or car, or log into your computer. Watch the video at the end of this article to see more of their vision.  

What Does This Mean For My Company?

The Token Ring is a nascent technology for a big cybersecurity budget in companies that are early adopters. One ring can cost hundreds of dollars. For most companies, a Token Ring, or something similar, is too expensive for it to make sense. Additionally, with any new technology, there are certainly bugs to be identified and safety measures to be worked out. For example, CyberHoot wonders if the ring measures your pulse? If you don’t have a pulse does the ring still work? Physical safety becomes a critical factor to CyberHoot considering the use of a Token Ring for access to the critical accounts requiring MFA protection. Are criminals against cutting fingers off to gain access to our critical accounts? We’d like to wait and see how this plays out before adopting such visionary technology.

There are many other actions your company can and should take to help secure your users and systems that cost a good deal less without the potential physical harm they might attract. Continue reading to learn what cost-effective actions your company can take to improve its cybersecurity posture. 

CyberHoot’s Minimum Essential Cybersecurity Recommendations

The following recommendations will help you and your business stay secure with the various threats you may face on a day-to-day basis. All of the suggestions listed below can be gained by hiring CyberHoot’s vCISO Program development services.

1. Govern employees with policies and procedures. You need a password policy, an acceptable use policy, an information handling policy, and a written information security program (WISP) at a minimum.
2. Train employees on how to spot and avoid phishing attacks. Adopt a Learning Management system like CyberHoot to teach employees the skills they need to be more confident, productive, and secure.
3. Test employees with Phishing attacks to practice. CyberHoot’s Phish testing allows businesses to test employees with believable phishing attacks and put those that fail into remedial phish training.
4. Deploy critical cybersecurity technology including two-factor authentication on all critical accounts. Enable email SPAM filtering, validate backups, and deploy DNS protection, antivirus, and anti-malware on all your endpoints.
5. In the modern Work-from-Home era, make sure you’re managing personal devices connecting to your network by validating their security (patching, antivirus, DNS protections) or prohibiting their use entirely.
6. If you haven’t had a risk assessment by a 3rd party in the last 2 years, you should have one now. Establishing a risk management framework in your organization is critical to addressing your most egregious risks with your finite time and money.
7. Buy Cyber-Insurance to protect you in a catastrophic failure situation. Cyber-Insurance is no different than Car, Fire, Flood, or Life insurance. It’s there when you need it most.

Each of these recommendations, except cyber-insurance, is built into CyberHoot’s product and virtual Chief Information Security Officer services. With CyberHoot you can govern, train, assess, and test your employees. Visit CyberHoot.com and sign up for our services today. At the very least continue to learn by enrolling in our monthly Cybersecurity newsletters to stay on top of current cybersecurity updates.

To see how the Token Ring works in action, watch their short 1-minute video:

https://www.youtube.com/watch?v=hhvNr3nJ2OA

Sources:

Token Ring

SecurityWeek

Additional Readings: 

FIDO’s Passwordless Sign-Ins

Universal Authentication Framework (UAF)