University of Alabama’s Nitesh Saxena and Prakash Shrestha have developed a new method to make two-factor authentication (2FA) super easy and secure — Listening-Watch. It involves a wearable device that uses speech signals and is not vulnerable to near or far attacks.
The Listening-Watch system uses an activity tracker or a smartwatch and random browser-generated speech sounds. It is a redesigned approach, expanding upon the previous “Sound-Proof” approach that relied on ambient sounds and ended up being “completely vulnerable” to attackers who were near the user, as well as remote attackers.
With Listening-Watch, the browser would play back “a short random code encoded into human speech” when a user attempts to login. “The login succeeds if the watch’s audio recording contains this code (decoded via speech recognition technology) and is similar enough to the browser’s audio recording (i.e., audio recorded through the microphone at the login terminal).”
To read this article in full, please click here