The team behind the Golem (GNT) blockchain has published research on the Proof of Device concept.
We are happy to announce our latest research: the Proof-of-Device (PoD) mechanism proves that the user has physical access to the given device. It is another take on 2FA or U2F authentication methods https://t.co/EtQxEjAK5p
— golem – NOT DOING AIRDROPS. (@golemproject) June 4, 2020
We are talking about PoD, which is an authentication system through which users can validate the hardware used by them, providing proof of their identity in a secure way.
Proof of Device is especially useful for online services that need to authenticate users’ logins.
Most online platforms that require a high level of security, such as crypto exchanges, use a multi-step system to confirm access to the platform and prevent unauthorized logins, in case criminals have stolen, for example, the credentials of users.
In this case, a first measure is provided by 2-factor authentication (2FA) so that access from automatic systems, such as BOTs, that would clog the platform would be blocked, also through the use of the classic CAPTCHA.
What is Proof of Device?
Proof of Device does not replace the previous authentication methods, as pointed out by the Golem team, but serves as an additional level of protection: in fact, with this system the user is required to sign access to the platform with private keys that are stored inside the user’s device hardware.
The system is managed by the SGX enclave, which is a system that runs exclusively with the help of a CPU and therefore needs hardware that can manage the information.
The hardware, in this case, can also be a normal smartphone.
Moreover, the Proof of Device system has the potential to be run by other TEE (Trusted Execution Environment).
It is very useful for different purposes as PoD can be applied to several sectors, such as banking and home banking services.
Clearly what Golem is presenting at the moment is only a PoC (Proof of Concept) but it has interesting prospects because security is a fundamental aspect for every sector, especially for the crypto world: consider for example the Metamorfo malware that manages to steal bank data from infected devices.
Hardware solutions in the security sector are not new, there are also USB sticks and security keys, which allow users to authenticate on various platforms, such as the one provided by Yubico that can be used on the Binance exchange. The EOS blockchain will also be able to use this type of key, which was announced by Yubico’s CPO during last year’s EOS event.