This looks incredible. Are there any deeper technical specs (does this support FIDO U2F, in particular)? And any possibility of a "developer version" that also functions as GPG SmartCard?
@mbthomas We're supporting FIDO2.0, aka WebAuthn over Bluetooth Low Energy and NFC.
We also support Windows Hello for desktop login, which is being expanded for other web logins.
I can't promise any specifics, but we're definitely looking into supporting other protocols that fit our scheme of private-key-on-device security. PGP would be an excellent first candidate.
Report
@john_dvorak very exciting about other key-on-device schemes! I had to look this up but WebAuthn is designed to subsume and replace all use cases of U2F *and* add provide additional non-phishable authentication capabilities.
@mbthomas Yep! It's a really exciting protocol. Once we saw the direction W3C and the WebAuthn protocol is taking, we joined the FIDO Alliance to help shape its evolution. We really consider it a key future technology, and are very proud to have working partnerships with Microsoft and MasterCard.
The FIDO U2F and UAF protocols were strong and fit a niche use case very well, but I think there was a general usability problem where it was difficult to drop-in replace an existing password solution. That's why one of our major design goals was ease of use, so an end user can seamlessly add WebAuthn credentials that are EASIER to use than a password!
Report
Is this for the private-key-on-device security market solely, or will it be covering activities that Motiv covers too?
@sam_cholera We're laser focused on the identity use case and on creating an amazing authentication experience throughout your day. We plan to add more identity artifacts to Token in addition to the 6 use cases we support (ie: think tickets, hotel keys, driver licenses, etc.) before considering adding unrelated features like fitness. We believe that identity is a big enough problem to keep us busy. When passwords are dead and credit card fraud is eradicated, we can talk fitness tracking.
@dany20mh We totally understand the concern. We've actually gone through our first batch of manufacturing and hosted a live demo event last week for our partners including Microsoft and Mastercard where we showed off Token. Feel free to reach out to us with your questions at contact@tokenize.com .
Report
@josaphat@tokenize But still that doesn't help about my concern, other technology did they first batch and they had a lot of meeting too, like plastc card which it didn't come out and they went bankrupt.
But if you really think this will come out on time (which it says Dec 2017) you can let us preorder it without paying it up front and when ever it shipped we get charge for it, that way at least our hand is not empty.
Lets say you are unlocking your car. I guess the knock turns Token on and looks for the OBD device via bluetooth? If so, the same thing can be implemented with other bluetooth devices too? At nold.io we are working on a bluetooth based access control device, which can replace keypads, remotes, keycards etc... with your phone. Could be a nice addition to cover more use cases :)
@passatgt Nold looks awesome! What you guys did for garage door is exactly what we did for cars. The ring talks to the OBD device and does a cryptographic challenge/response to authenticate you into your car. We will support FIDO 2.0 (W3C Web Authentication API) over BLE and NFC and it's a standards based way of doing secure authentication so developers will be able to communicate with Token using the Client to Authenticator Protocol. We'll also announce a more generic "signing API" at some point in the future for use cases beyond authentication.
Product Hunt
Product Hunt
Token
Token
Token
Gulp
Entre
Token
Perimeter
Token