clock menu more-arrow no yes mobile

Filed under:

A New Kind of Security: Bionic Labs Wants to Call Your Friends to Verify You're You (Video)

Forget two-factor authentication: This company wants to call your mom when you're online banking.

What if your bank hosted a video chat with your mom, or your best friend, every time you tried to make a high-risk online transaction?

That’s the idea behind Bionic Identity, a brand-new verification product that was demoed at Re/code’s Code Conference today.

New York City-based Bionic Labs believes that video chatting within immediate social circles is the missing piece of existing online authentication services. There are a few methods already in use, of course: There’s password identification, two-factor authentication (using a secondary token with passcode) and, in some cases, biometrics — such as fingerprint identification.

But Bionic Labs’ creator Dima Tkachev says there are flaws in all of these multi-factor solutions. Creating or memorizing an eight-character password for different accounts is a pain. What if your phone dies and you can’t access a secondary passcode? And, he says, biometrics can suffer from false negatives.

“What if you’re traveling abroad, and someone steals your purse, or your phone?” Tkachev said in an interview before the demo. Consumers should still be able to access accounts, he said, with the help of a certain subset of people they trust.

Bionic Labs used our own Kara Swisher to show how this concept would work. Tkachev seeded five of Kara’s friends and coworkers with Bionic Identity-ready smartphones and asked Kara to log into one of her online accounts, which for the sake of the demo, was her Re/code website account.

Next, the Bionic Identity app scanned through Kara’s list of five trusted friends or family members and determined who was available to help confirm that Kara was who she said she was. Then the app cued up video chats with these people.

During the video chats, the trusted friend asked Kara a question that only the two of them might know the answer to.

If Kara answered successfully, then she was authenticated.

The bizarre thing about this whole process is the question-and-answer portion: If a person sees that it’s actually Kara through the video chat, then isn’t that enough to verify her? Tkachev says not necessarily: Fraudsters are getting savvy enough to layer in false digital images. And in many cases, fraudsters can try to replicate you or create a kind of “digital twin” to access your stuff.

The other potential downside to Bionic Identity is the notion that your friends and family may be summoned to video chat when they really don’t feel like doing so. For this reason, Tkachev says, consumers will be allowed some control over who can call whom, and when.

“Each person will establish their own limit as to what is important,” he says. “If you say, ‘Walt is bothering me too much! He calls me every day!’ you can adjust it so that Walt can only call you once a week for his verifications.” (Sorry, Other Boss.)

Also, if Bionic Identity relies solely on video chatting, then it still doesn’t offer a lot of help in the whole your-phone-is-stolen-in-Europe scenario.

The video chat, then, is meant to be used as a backup to other forms of verification, or during a particularly high-risk transaction.

Bionic Labs plans to launch its Bionic Identity product later this summer, joining a host of other companies in the multi-factor authentication market (estimated by some to become a multi-billion dollar industry within the next few years). Tkachev says the company’s monetization strategy is to charge a fee to enterprise customers, such as financial institutions and payment processors. It will be free for consumers to use on the Web and on mobile.

However, “nothing is free in this world,” Tkachev said. Bionic Identity comes with a trade-off — the time of the people using it, he added.

Additional reporting by Eric Johnson.

This article originally appeared on Recode.net.