PIN+biometrics: security implications

If a user sets up protection to her smartphone by a PIN (and optional biometrics lock), there doesn't seem to be any reason for apps not to use them to protect the sensitive data or critical operations.

For example, when an iOS user installs an app from AppStore, he or she would see an action sheet which asks for fingerprint verification. There is no reason why the same shouldn't apply when a user attempts to purchase a cryptokitty from a dapp browser. The below picture borrows a banking app to show how it looks like:

When is it used?

Android, for example, suggests that unencrypted signing key discarded after creation & encryption. To keep with the rule, the user would need to authenticate the user through PIN+biometrics on three occasions.

  • When she set up the wallet.
  • When she uses the key to sign.
  • When she backs up the key.

This happens behind the scene:

  • When a user creates or recovers an address, the wallet holds the private key to that address in memory momentarily. As part of the process, the wallet asks the user to authenticate through PIN+biometrics, and as a result obtains an AES key, with which it encrypts the private key, and discards it, leaving only the encrypted key in the storage area of the mobile app.

  • When the user signs anything or backups the key, as part of the process, the user authenticates through PIN+biometrics. The wallet, as a result, obtains an AES key, with which it decrypts the private key, sign stuff or continue with the backup process.

Would user lose money because of PIN+Biometrics?

AlphaWallet does not enforce a backup immediately after creating a new address. Rather instead, it reminds the user to do. By consequence, if a user created an address, in the process authenticated herself, then, before she could do a backup, she lost the capacity to authenticate again with PIN+biometrics and received some crypto in the meanwhile, then, she would have lost that crypto, and there will be no way to recover it.

Is that acceptable?

One argument is that it's acceptable if the user's portfolio is small. The wallet should enforce a backup if the user has> 100USD worth of crypto. Assuming the wallet knows how much the user's asset is worth (a cryptokitty can be potentially priceless), it might still be too late (suppose a user started with 0.5Ether, and she lost the capacity to authenticate with PIN+biometrics before she backs up the key. Then there is a surge in price causing 0.5Eth to worth >100USD).

Another argument is that this should never happen anyway. Why anyone in the world would be able to provide PIN+biometrics at the moment when the wallet is set up, and no longer be able to do so later? She would have to abandon the entire mobile phone as a result, and we don't often abandon phones due to authentication problems. This argument is valid for everyday phones, but let's suppose the user uses a spare phone to keep crypto. She might have forgotten the PIN and forgone the fingerprint set-up. But in that case, her mobile phone is turned into a brick, not allowing her a chance to see the "require authentication" message from AlphaWallet at all.

It is acceptable.

My intuition follows the 2nd argument, that this is a rather unlikely scenario. When the user creates an address or recovers one, we require PIN+biometrics authentication and it should be safe to discard the signing key right after, keep only the encrypted key, as part of the process.

AlphaWallet can enforce the PIN+Biometric on new keys/addresses and not enforce backup of the key below a threshold, and that is an acceptable design choice.

I generally agree with the approach. However, there is always the danger of keeping high value information on a fragile and volatile device like a phone. Phones break and phones get stolen. I am not sure forcing a user to do a backup is the right solution though. The cryptographer in me would suggest to provide a backup service based on secret sharing, but that is a whole other story :slight_smile: In general I don't think there is an easy and good solution to this problem and the choice made here seems reasonable.