Startup Aims To Make Advanced Security Seamless By Using Your Location To Verify You’re You

Startup Aims To Make Advanced Security Seamless By Using Your Location To Verify You’re You

Toopher aims to use your location as a second way to verify you’re you that goes beyond a username and password.

When Dropbox acknowledged its recent data breach last week, the company noted that it will be adding a range of security solutions in an effort prevent such a breach from occurring again. One of the technologies that Dropbox plans to implement is two factor authentication, which requires another identifying item beyond your username and password to grant you access to your account.

The second item in two factor authentication can be any one of a range of technologies like a smart card that needs to be swiped, a USB flash drive or other mobile that contains security certifications, a one-time user password token like RSA’s SecurID, or a biometric input like a fingerprint scan.

One company has another interesting option, however, your location.

Toopher is a startup that’s focused on making two factor authentication easy and seamless. Rather than relying on physical or digital tokens, Toopher relies on your location data. The service works through a free mobile app that is available for Android and an iOS version is in the works.

When you install the app and link it to your Toopher account, you’re asked to select a location such as your home or office, that will be used in place of a physical or digital token. When you access a resource that requires two factor authentication, your iPhone or other device uses location services to determine whether or not you’re at your secure location. If you are, then entering standard login credentials like a username and password will grant you access. If you’re not, then access will be denied.

The technique isn’t that different from using geofencing to set Reminders in iOS 5.

It’s also very similar to the approach that some mobile management solutions use when granting access to corporate resources based on a mobile device’s location. If a device is located on or near company grounds, it can be assumed to being used for legitimate work purposes. If it’s located clear across the country from any company office, there’s a good chance that the device might have been stolen and therefore should be denied access to sensitive business data.

Related
  • macstuffdaily

    and if i go on a vacation or a road trip ? … I’m screwed !

  • dcase99

    Macstuffdaily…. Actually no, you can just tell Toopher this is a new approved location via the app on your phone

About the author

Ryan FaasRyan Faas is a technology journalist and consultant living in upstate New York who has written extensively about Apple, business and enterprise IT, and the mobile industry. In addition to writing for Cult of Mac, he is a contributor to Computerworld, InformIT, and Peachpit Press. In a previous existence he was a healthcare IT director as well as a systems and network administrator. Follow Ryan on Twitter and Google +

(sorry, you need Javascript to see this e-mail address)| Read more posts by .

Posted in News | Tagged: , , , , , , , , , , |