SlickLogin has been added to the Google empire for its sound password technology. Just five months after its debut into initial testing, Google has bought SlickLogin, an Israeli-based security start-up. The security start-up’s main focus was their unique technology that uses almost silent sound waves to authenticate user identity on frequented websites.
SlickLogin made the announcement on their website and said that Google “shares [SlickLogin’s] core beliefs” in making the Internet safer, as well as, easing log-in authentication. They cited Google’s release of the first two-step verification process that was offered for free. The exact details of the 3-person company acqui-hire are still under wraps, but Google has confirmed the acqui-hire with TechCrunch.
The SlickLogin sound passwords work like this: websites create a one-of-a-kind sound that is supposed to be inaudible to human beings, then an app on the smart phone would retrieve the sound, study it and reply to the website to confirm the identity of the user. The purpose was either to replace written passwords entirely or to be a back-up authentication system. The idea is to help Internet users avoid cyber crime.
SlickLogin was acquired while the company was still testing the first version of the software. Now, the SlickLogin team will be working hand-in-hand with Google on their sound authentication software. Google bought the company for a reported multi-million dollar deal. The exact amount remains undisclosed. Also, Google has not released any information on how they exactly plan to use the technology or if they intend to integrate it into the Android system.
As Google adds to its empire through buying SlickLogin for their sound password technology, some question the security of the sound authentication method. The founders of SlickLogin have many of the security issues covered. The technology is heavily encrypted, so that an attacker cannot get in the middle of the conversation and obtain the sound. Also, the sound cannot be recorded and replayed later because the sound is exclusive to the exact moment it is being originally played. Another concern is if someone else holds up his or her phone to the computer while the sound transmission is underway. This is prevented because another phone would not have the right personal information encoded on it.
The most glaring problem is if the phone is stolen. SlickLogin’s creators said that if a phone is stolen and opened, then the accounts have already been accessed. Originally, SlickLogin did allow users to login without having the user unlock their phone, but SlickLogin wanted each service to tailor the security settings to their liking. At this point, it is in Google’s hands.
There are many other companies that are trying to transfer information via sound waves. For example, Chirp is one that is ambitiously trying to achieve entire file transfer with sound. Also, Clinkle is still in testing, but has a goal of sending money in the same manner. SlickLogin was the first to combine the technology with password authentication. Google was very quick to add to their empire and buy SlickLogin for that unique sound password technology.
By Rebecca Hofland