Here’s a thoughtful article about wearables by Aman Narain, the global head of digital banking at the big international bank Standard Chartered; he sees the possibilities in 9 billion wearable devices and all the data they throw off, although he’s completely correct in being worried about security issues.
At Mobile World Congress, we had a particularly interesting conversation with Peter Tapling, the CEO of the security company Authentify. Authentify specializes in what’s called “out-of-band authentication services;” if you’ve every gotten a phone call or text with a code that you need to put into a web site to authenticate your identity, you’ve used out-of-band authentication.
When you use an ATM, you rely on two-factor authentication: something you have (an ATM card) and something you know (your PIN). For a lot of things — like foundational passwords — that’s not good enough (ever have a debit card stolen?), and security pros are adding a third factor: what you are. One possible way of demonstrating what you are is with a phone or other device that’s been pre-registered and pre-authenticated outside the stream of the current transaction.
Currently, Authentify — which, we should stress is not a startup — uses a smartphone. But there’s no reason it has to be a smartphone. It could easily be a wearable device; you have that pre-authorized thing, a card, and a PIN, and even if the card and PIN get skimmed, that device would be absent.
We’re not nearly there yet, of course, but the bet here is that we’ll see wearables as a player in three-factor authentication before you see it in mass-market clothing.