We’re all pretty used to two-factor authentication now, and it isn’t much of an inconvenience to have to type in a four-digit code when you log in from a new location. But some Swiss security researchers came up with a smart way to authenticate without even that tiny amount of work: ambient noise.
The idea behind multi-factor authentication is basically making sure that a login is by the actual user, not an impersonator or hacker. Sending a code to a second device owned by the user is one way to check, but it’s far from the only option.
Futurae is a spin-off company from the Swiss Federal Institute of Technology Zurich — ETHZ in Swiss — that uses the environment itself as an authentication token in a piece of software it calls Sound-Proof.
When a service wants to do an authentication check, it queries the device attempting to log in and the user’s personal device, probably a smartphone. It records 3 seconds of audio on each and compares them; if the two are…