Pages:
Author

Topic: Biometric BTC wallet? (Read 832 times)

legendary
Activity: 2870
Merit: 7490
Crypto Swap Exchange
November 12, 2019, 01:20:52 PM
#56
So this keyless wallet, what happens if Zengo goes away, where are my keys?

Read here - https://zengo.com/security/ to know more about Zengo Keyless security. There is no point in discussing here about how Zengo works? Anyone can give any suggestions but before using any wallets, one should do a lot of research about that, check their reviews and then only they should use it.

But you didn't answer @keychainX question.

Their wallet is only partially open source (specifically only their threshold cryptography code) and backup file only can be read by ZenGo wallet.
The wallet don't have option to backup private key, seed or mnemonic phrase which encrypted with user chosen password or Face/Touch ID.
member
Activity: 87
Merit: 27
November 11, 2019, 10:27:55 PM
#50
So this keyless wallet, what happens if Zengo goes away, where are my keys?

Read here - https://zengo.com/security/ to know more about Zengo Keyless security. There is no point in discussing here about how Zengo works? Anyone can give any suggestions but before using any wallets, one should do a lot of research about that, check their reviews and then only they should use it.
member
Activity: 378
Merit: 53
Telegram @keychainX
November 11, 2019, 12:42:17 PM
#49
Seriously, cut n paste from zengo website

your security is distributed between your device and ZenGo servers

No ZenGo, Not your coins....
It is not cut and paste, it is the definition of the wallet in my words.

How did you find this wallet?
I saw this thread and searched about Biometric BTC wallet and found these wallets.

So how safe this wallet is?
I am not sure how safe is this wallet, as I have not used these wallets. It was just a suggestion.

So this keyless wallet, what happens if Zengo goes away, where are my keys?
member
Activity: 87
Merit: 27
November 10, 2019, 11:15:59 AM
#48
Seriously, cut n paste from zengo website

your security is distributed between your device and ZenGo servers

No ZenGo, Not your coins....
It is not cut and paste, it is the definition of the wallet in my words.

How did you find this wallet?
I saw this thread and searched about Biometric BTC wallet and found these wallets.

So how safe this wallet is?
I am not sure how safe is this wallet, as I have not used these wallets. It was just a suggestion.
legendary
Activity: 3374
Merit: 3095
BTC price road to $80k
November 09, 2019, 03:19:47 PM
#47
I know Zengo wallet provides Biometric 3D Face Authentication and D’CENT Biometric hardware wallet provides Fingerprint Biometric Authentication.

  • Zengo is the first Keyless Crypto wallet that as no Private keys. It has distributed security between our wallet and ZenGo servers. Even if the wallet is lost or hacked, our assets are safe.

  • D’CENT Biometric hardware wallet has built in fingerprint scanner which acts as an additional security for accessing wallet.

How did you find this wallet?

According to the whois, the domain of zengo was registered 1999(Such a good domain)
Code:
Registered On:1999-03-24
Expires On:2022-03-24

So how safe this wallet is?

And I found that the domain wayback/history this website is not yet alive until april they have a representative here on the forum but they are not active. You can check their profile here https://bitcointalksearch.org/user/zengo-2568273

So how safe is this wallet?
member
Activity: 378
Merit: 53
Telegram @keychainX
November 09, 2019, 08:08:03 AM
#46
I know Zengo wallet provides Biometric 3D Face Authentication and D’CENT Biometric hardware wallet provides Fingerprint Biometric Authentication.

  • Zengo is the first Keyless Crypto wallet that as no Private keys. It has distributed security between our wallet and ZenGo servers. Even if the wallet is lost or hacked, our assets are safe.

  • D’CENT Biometric hardware wallet has built in fingerprint scanner which acts as an additional security for accessing wallet.

Seriously, cut n paste from zengo website

your security is distributed between your device and ZenGo servers

No ZenGo, Not your coins....
member
Activity: 87
Merit: 27
November 09, 2019, 07:48:15 AM
#45
I know Zengo wallet provides Biometric 3D Face Authentication and D’CENT Biometric hardware wallet provides Fingerprint Biometric Authentication.

  • Zengo is the first Keyless Crypto wallet that as no Private keys. It has distributed security between our wallet and ZenGo servers. Even if the wallet is lost or hacked, our assets are safe.

  • D’CENT Biometric hardware wallet has built in fingerprint scanner which acts as an additional security for accessing wallet.



Source: https://zengo.com/
https://dcentwallet.com/overview/specification.html
member
Activity: 74
Merit: 10
October 28, 2019, 03:52:37 PM
#44
I recall in elementary school, officer friendly coming by to ask the parents to have their kids' fingerprints taken in case they were ever 'kidnapped'.

Quite obviously the us govt has one of the largest fingerprint databases on the planet.

It would be trivial, if they didn't already have your fingerprint, for them to obtain some from you if they became aware.

Also, anyone in the military, they have your DNA on file.

https://www.eff.org/deeplinks/2015/09/little-fanfare-fbi-ramps-biometrics-programs-yet-again-part-1

Thats why you probably would salt it with additional data

Could you elaborate please, it seems like an interesting idea.
jr. member
Activity: 87
Merit: 5
October 06, 2019, 02:52:33 PM
#43
I recall in elementary school, officer friendly coming by to ask the parents to have their kids' fingerprints taken in case they were ever 'kidnapped'.

Quite obviously the us govt has one of the largest fingerprint databases on the planet.

It would be trivial, if they didn't already have your fingerprint, for them to obtain some from you if they became aware.

Also, anyone in the military, they have your DNA on file.

https://www.eff.org/deeplinks/2015/09/little-fanfare-fbi-ramps-biometrics-programs-yet-again-part-1

Thats why you probably would salt it with additional data
newbie
Activity: 21
Merit: 11
October 05, 2019, 01:48:40 PM
#42
So has anyone read the ZoOm white papers? What do you all think of it? It passed all these security tests.
https://www.zoomlogin.com/#page-blk-white-papers
jr. member
Activity: 87
Merit: 5
October 04, 2019, 02:27:50 PM
#41
I don't know about biometric authentication for company, but biometric authentication information which used on Android/iOS is stored on local device, so internet connection isn't required.
Most likely you are talking about phone lock. Almost all new Android phone coming on markets with fingerprint feature. It can't be compare with Biometric wallet. If there is Biometric wallet then it should be attached individually for each wallet (not with phone)

From security perspective, i'd agree. But in reality, many application with built-in biometric authentication uses Android/iOS's biometric, even banking application.

The problem with Adroid or IOS is that it does not let you read the data from a finger or face, the phone only let the app confirm the submitted lock finger/face match the touching finger/face. Which means a rooted phone could be hacked if the android or OSX is "modified"

Then there is always problem with the backup phrase, or if someone has an accident and looses a hand, what then?
newbie
Activity: 21
Merit: 11
October 04, 2019, 12:18:08 PM
#40
I started a thread about another biometric wallet, ZenGo, and I was informed about this thread here where more people are involved. Here are the posts so far and I'm curious what you computer experts think of this new wallet:

A few weeks ago I heard a podcast with Anthony Pompliano and the founder of ZenGo, which uses ZoOm, a facial recognition security app to secure Bitcoin. I’ve had a couple of discussions with Ouriel Ohayon from ZenGo about the benefits of ZenGo over Ledger. In comparison, Ledger already seems antiquated but has ZenGo been vetted enough to trust that ZenGo is secure? Since ZenGo uses ZoOm I can see how one party would blame the other party if hacking were to occur. I am not a security expert. What do you all think of ZenGo?


There's a discussion about using biometrics to secure your wallet here: Biometric BTC wallet?
The TL;DR is that it is generally a bad idea as it is far more easily broken than a strong password or passphrase.

In terms of the ZenGo itself, I've not heard of it before, but I've had a quick poke around their website. There are a couple of things which give me some concern.

Firstly is that they extensively use cloud servers for back up. Both the client share on your phone, and their server share which they store, are backed up to the cloud. You don't need me to tell you how poor cloud security generally is - you can do a simple web search and see story after story of cloud servers being hacked.

Secondly is their recovery mechanism. If they go out of business, then they have an escrow who will release a master decryption key so all users can still access their private keys and therefore their coins. That's great, but it means there exists a single point of failure for their entire system - the master decryption key. This has been created and transferred to an escrow. We have no idea how many copies of it exist, how many computer systems it has been on, how many people have had access to it, or how good the security currently protecting it is. It's a massive vector of attack, as if someone gains access to it, they can potentially gain access to every coin held by every owner of one of these devices (and as we said above, with all the back ups being stored on the cloud, this is a real concern).


@o_e_l_e_o

Thank you for your input. Wow, I am glad I did not move my coins to ZenGo yet. I am not technologically minded so I need to rely on you experts here. I don't feel comfortable leaving my Bitcoin on Coinbase and using a Ledger with a 24 word seed phrase just seems antiquated, like I said before. Is this really state-of-the-art? Also, like I said before ZenGo uses ZoOm facial recognition. I am not sure that ZoOm is equivalent to the biometrics in your link. Can you check out the white papers on ZoOm and let me know what you think?

https://www.zoomlogin.com/#page-blk-white-papers
legendary
Activity: 2394
Merit: 2223
Signature space for rent
September 24, 2019, 02:07:56 PM
#39
I don't know about biometric authentication for company, but biometric authentication information which used on Android/iOS is stored on local device, so internet connection isn't required.
Most likely you are talking about phone lock. Almost all new Android phone coming on markets with fingerprint feature. It can't be compare with Biometric wallet. If there is Biometric wallet then it should be attached individually for each wallet (not with phone)

Besides, if you use wallet which uses side-server biometric authentication, then most likely you use custodial your wallet and it's the risks of using custodial wallet.
That's what I was talking about. Not only risk, there would high risk.

I'm pretty sure the failures that you see is not because of connection problems but detection problems. Either the base data that was used to check is faulty, or your log-in process has issues.
Of curse there was detection problem. And what will happen if this detection problems occurs during your transaction on Biometric wallet? You will not able to make transaction when you need.
legendary
Activity: 2170
Merit: 1789
September 24, 2019, 12:37:06 AM
#38
Is there any biometric wallet (i am not talking about simple FaceID or TouchID login usage) for crypto wallets?
- Coinomi Mobile uses Finger Print ID
- imToken 2.0 Mobile Version uses finger Print ID

The wallets that you mention above basically use 'TouchID' (fingerprint authentication).

Another thing is, if Biomaterics failed to connect server. It has been happend on real life. Currently I am working abroad and I have to give fingerprints or face to the machine. Means company collecting attendance by a face/fingerprints machine. So some machines not recognized to me. Fingerprints was not working sometimes even face.

I'm pretty sure the failures that you see is not because of connection problems but detection problems. Either the base data that was used to check is faulty, or your log-in process has issues. Some machines can't do their job if you have too much sweat on your finger, for example. Better tell your company to buy a new one. My sister is having the same problem with her office check-in mechanism, and I can say for sure that the device does not need the internet. The fingerprints data are stored offline.
copper member
Activity: 2114
Merit: 1814
฿itcoin for all, All for ฿itcoin.
September 23, 2019, 04:39:08 PM
#37
Is there any biometric wallet (i am not talking about simple FaceID or TouchID login usage) for crypto wallets?

I have been looking but not found any good solutions.

Anyone?

Well to be on topic rather than discuss the advantages/disavantages of biometric over pin or password...

The wallets i have used so far that have the feature you are looking for;
- Coinomi Mobile uses Finger Print ID
- imToken 2.0 Mobile Version uses finger Print ID

Pin is usually the default option, you have to set up the Finger print ID after creating the wallet.
legendary
Activity: 2394
Merit: 2223
Signature space for rent
September 22, 2019, 04:15:31 AM
#36
My friend's wife and his daughter went abroad to visit their grandmother. His wife has the FaceID (or whatever it is called) option enabled to unlock her phone. One day he saw a gibberish post on Facebook on his wife's Facebook profile so he called her to see what that was all about. Turns out that their daughter was playing with the phone and the FaceID software recognized her face as that of his wife. She was able to unlock her phone. The interesting part is that the daughter looks entirely like my friend and nothing like his wife. Further proof that this type of protection is not something to rely on.   
Yes, that's the disadvantage. Another thing is, if Biomaterics failed to connect server. It has been happend on real life. Currently I am working abroad and I have to give fingerprints or face to the machine. Means company collecting attendance by a face/fingerprints machine. So some machines not recognized to me. Fingerprints was not working sometimes even face. So I had to inform authority directly. So if this happen for Biomateric wallet then it would be very hard to move your fund. You might not able to make transaction when you need and you should contact support regarding your issue.
legendary
Activity: 3500
Merit: 6981
Top Crypto Casino
September 16, 2019, 05:13:08 PM
#35
It would be fairly easy to force you to restore your wallet.
All jokes aside, this was the whole point.
I get that, but personally I'd feel pretty secure since nobody I know knows I'd have any crypto on a hardware wallet (or phone, which I don't).  The chances of me getting forced at gunpoint to access my crypto is very remote.  Yeah, anything could happen but chances are I wouldn't run into a situation like that.  It would be much more likely I'd lose my wallet, in which case a fingerprint-dependent login would be extremely useful.

I wasn't even aware that biometric flash drives are being made.  I happened to come across some for sale on Amazon when I was looking for a flash drive that could be encrypted.  I think it'd be an awesome idea for Ledger or one of the other manufacturers to make a wallet with this technology.  Sure, things can go wrong....but they can always go wrong anyway.

Maybe some guys think that its better to continue with modern worlds invention but sometime its better to follow old fashioned way to keep us safer from unexpected attacks.
I get your point and I respect it fully.  But I'd still like the fingerprint tech to be applied to hardware wallets for those who'd want them.  I'd sure be interested in something like that.
hero member
Activity: 2660
Merit: 651
Want top-notch marketing for your project, Hire me
September 16, 2019, 04:31:22 PM
#34
Don't go for it even if there is one. If we are only talking about convenience then this would be great but if you are risking the security of your wallet because of it then it's really not worth the risk. Banks have done this with their apps and one way to avoid abusing it is they added a mandatory pin before you can even send money, the fingerprint was only to access the dashboard part of the app but even that is also a risky move since you are letting other people see what you have in your account.

so nobody here is using faceid or touchid?
There will definitely be people who use the faceid or touchid but I'm sure that faceid/biometric kind of wallet are mostly used by the Chinese. With that been said, I totally don't support such platform because the system will be abuse sooner or later even if it was created by a private or decentralized company.
copper member
Activity: 1204
Merit: 737
✅ Need Campaign Manager? TG > @TalkStar675
September 16, 2019, 02:31:36 PM
#33
so nobody here is using faceid or touchid?
Getting password from users brain is much harder than getting users finger print or retina match. That's why most crypto wallet users keep their trust on password based security rather than finger print or retina scan. Maybe some guys think that its better to continue with modern worlds invention but sometime its better to follow old fashioned way to keep us safer from unexpected attacks.

Wallet security system is always far different than our mobile phone or another devices.

 
legendary
Activity: 2730
Merit: 7065
September 16, 2019, 08:11:56 AM
#32
so nobody here is using faceid or touchid?
Both of those features work but how good and precise are they, that is the real question!
Have a look at what can happen in a real life example from my above post: https://bitcointalksearch.org/topic/m.52384156

Besides, your fingerprints might change or lose quality due to an accident involving fire or boiling water. How are you going to get to your assets if the system doesn't accept your fingerprint anymore?

A biometric wallet is just too big of a risk if you ask me.
Pages:
Jump to: