NSF Award
1013651
This Small Business Innovation Research (SBIR) Phase I project explores the feasibility of utilizing the variability found in physical properties of hardware devices, e.g., camera, flash memory, broadband interface etc., to create secure "fingerprints" of smart-phones. Since, the variations on these devices are based on the subtleties of the manufacturing process, they are not controllable. Thus it is difficult (if not impossible) to clone the devices and create a replica of the smart-phone that has the same fingerprint. Once the smart-phone fingerprint is reliably extracted, the goal is to combine it with the biometric information obtained from a user. By integrating biometric schemes with physical fingerprints this technology can uniquely tie persons to devices along with the services they carry in a cryptographically strong manner. The technology proposed here allows one to authenticate the identity of both the platform and the user of any smart-phone through a software only approach and without any modification to the underlying hardware architecture. <br/><br/>If fully integrated into smart-phones, the proposed technology has the potential to transform mobile devices into truly trusted proxies thus enabling wide scale deployment of new services. In particular, strong identification of the smart-phone and its user becomes possible. This is crucial for applications that require cryptographically strong authentication, e.g., mobile payment systems, mobile access to bank ATM's, and mobile identity checks for governmental agencies. Moreover, license management for high value applications would be enabled. Even further, the proposed technology would also enable a number of pay-per-view or pay-per use services on smart-phones and mobile platforms. These applications highlight the commercial potential of this project. Once the proposed chain of trust is built, it could play a pivotal role in the adoption of numerous services on smart-phones.
