minible icon indicating copy to clipboard operation
minible copied to clipboard

Published 20 hours ago verified publisher icon mooltipass

Pin entry through app on mobile phone (iOS)

Open hoijnet opened this issue 1 year ago • 4 comments

Missing feature

Allow pin entry through app on mobile phone, with notifications, through bluetooth.

Justification

Compared to #348, an app on a mobile phone is considered relatively secure. Leveraging the BLE functionality, it would be awesome to get a notification on the phone and use face/touch id or fingerprints for login, compared to the current jogwheel function that could be snooped by camera.

I would argue the security model of setting up an approval mechanism could be made more secure and with less hassle compared to the current jogwheel pin entry.

Alarm systems and similar security systems allow pin entry and approval of activities via the mobile phone and/or touch id. The device would become significantly more user friendly (and thus increase security usefulness) with a bluetooth-connected user interface in the phone.

I find that mobile phone security model probably be more trustworthy compared to the pervasive risk of key loggers in current operating systems. Integrating with mobile phone operating system authentication should improve the security posture of such a mobile phone implementation even more.

Workarounds

Use the jogwheel.

hoijnet avatar Oct 04 '23 12:10 hoijnet