November 27, 2014

EXCLUSIVE: First Ever Hands-On with BioLock; Beta Coming to a Nexus S Near You [VIDEO]

CLARIFICATION: There seems to have been some confusion that needs addressing. BioLock is NOT becoming a part of the CyanogenMod source code. CM is 100% open source, and BioLock is not. Koush will merely be using the CM7 source code to build his own BioLock equipped ROM for the Nexus S. You may now proceed…

If you recall back in early December, AG gave the Interwebs its first detailed insight into what the world will soon come to know as BioLock. Developed by Blue Planet Apps, the program brings true biometric authentication to the mobile platform for the first time in history. CEO Jason Braverman was featured as a guest on our Monday night podcast back on December 13th. If you missed out, you can still hit up our archives at BlogTalkRadio.

This time around, AG has been fortunate to receive an exclusive look an actual test APK of BioLock. This version allows us to see facial and voice recognition first-hand. No one besides developers working on the project have been granted such access to the app, and we are grateful to be Blue Planet Apps’ go-to guys. Before I begin, I will note that iris scanning is still a work in progress, and is not available in the APK we tested. Braverman explains:

“Iris is in development and needs infrared technology in the camera to be 100% accurate, but we made a breakthrough and will be able to get nearly 98% accurate with current tech.”

Braverman also had some other interesting tidbits of news to share with us. We all know that the best way to iron out new software is through a group of dedicated, bug reporting beta testers. So, who make up the best lab rats in the universe? CyanogenMod addicts–that’s who. Blue Planet Apps has therefore come to a deal with the infamous Koush, who is the maker of ROM Manager, ClockworkMod Recovery, a contributor to CyanogenMod, and said to be one of the most brilliant Android devs out there. Koush will be helping with BioLock development. Here are the details of the partnership:

“Koush is going to spend the time to get BioLock put into CM7 on the Nexus S as the lockscreen. This will be the first time we release it to the public and will be our beta. It will give us a chance to learn about how users use face/voice recognition what they like, what they don’t, what improvements we can make, etc.. From this group, we will expand and adapt BioLock, to hopefully spread onto more CM versions and other devices (with Front facing cameras of course). This will constitute the BioLock Beta test group.”

It’s important to note that BioLock is not open-source code and will therefore, most likely, never be a standard part of the actual CyanogenMod code base. Koush will be doing this as a separate project. It will be an unofficial build based off the CM7 source code. Either way, it’s still pretty sweet.

Braverman also noted two other partnerships that are in the works. His team will soon have a free version of the K9 mail client with BioLock embedded. This will allow people (both running this version of K9) to encrypt emails that they send to each other. No release date was given, but development is already underway. VoiceVault is also joining the fray and will allow BioLock’s voice authentication to be expanded beyond numbers.

“We have partnered with VoiceVault for the voice part, and they informed us that we will likely get early access to their next version very shortly, that will allow us to expand voice authentication beyond numbers, into phrases, and that accuracy and speed are ‘greatly improved.’  Blue Plant Apps will integrate this as soon as we get our hands on it.  It is likely that users will need to choose from a specific type of phrase, something like ‘This is my voice, recognize me’ or something to that effect.”

That having been said, let’s get on with it, shall we?

When first launching BioLock, you are greeted with a futuristic looking screen with a message saying that the app is preparing for its first launch. Once that part is done, you are greeted by a British women’s voice, asking you to choose your method of authentication. Below is a video of what we were able to test out. Keep in mind that this is still an early build and only works to give access to the contents of your SD card. It serves as a basic template and proof of concept. Braverman plans to get the facial recognition down to 1 or 2 seconds by the time BioLock is released.

As BioLock development progresses, you can be sure AG will be the first to let you know. Until our next update, grab a cup of coffee (in an Android mug), read something on your Android running Nook, and cuddle up in an green Snuggie. It’s freakin’ cold outside.



  • cece

    BioLock is not open-source code (that would defeat its entire purpose)

    Defeat what purpose ? (well, except making money, which is OK, of course)

    • terry

      I completely agree @cece. The inference is that BioLock is relying on obscurity for security. If that is indeed the case then I cannot trust it before it has even been launched.

    • Benjamin Rubenstein

      It would defeat the purpose because if it were open-source, would it not become easier to break its authentication? If you know exactly how it works, then you can figure out how to bypass it. This would render the app useless.

      • kmobs

        Thats wrong. Opensource software can be secure too. Thats like saying that android unsecure.

        • Benjamin Rubenstein

          I hear that. Do you feel that BioLock could be AS effective and secure if it was open-source? You’re the programmer. I’m very limited in my programming experience.

      • ansongardner

        Security doesn’t happen by playing “guess what number I’ve hard-coded into my software.” Opening the source ensures that the algorithms were implemented correctly. Did you know that some of the best security and encryption software is open source? You should look up truecrypt, openssl, openssh, pgp/gpg.

        Seriously, the statement “that would defeat its entire purpose” is quite ignorant.

        • Benjamin Rubenstein

          I’d like further explanation of how BioLock could be implemented effectively as open-source. I will remove the comment from the post, as I see your point and did not realize that at the time of writing.

  • http://twitter.com/willsours Will Sours

    As long as they can make it do recognition a lot faster, should be a great app.

  • Nick

    Why are people (researchers excluded) still giving any thought to biometrics for security? The kinds of sensors that you’ll find on consumer phones probably aren’t going to be reliable enough for this for a long time.

    What does work? Coming up with good passwords and being responsible about using them.

  • kmobs

    This will never be included in the CM mainline if it is closed source.

    • Benjamin Rubenstein

      You’re 100% right kmobs. I said that in the article :-)

      “It’s important to note that BioLock is not open-source code (that would defeat its entire purpose) and will therefore, most likely, never be a standard part of the actual CyanogenMod code base. Koush will be doing this as a separate project. It will be more of an unofficial build based off the actual CM7 source code.”

      I said “most likely” just in case it one day became open-source or something.

      • ChrisSoyars

        While you said that in the article, you also said:

        “So, who make up the best lab rats in the universe? CyanogenMod nightly using addicts–that’s who.”

        As a contributor to CM, this implies we will be including it in mainline. Anything that makes it into an official nightly, is something that is included in a final release (unless of course we remove it for whatever reason).

        Either way, closed-source addons like this will never make it into our official releases.

        • Benjamin Rubenstein

          I can understand how that may cause some confusion and went ahead and revised the article (added a disclaimer and all). I hope that helps clarify things.

          Keep up the amazing work and thank you for bringing the wording to our attention.

  • xian

    If the phrase is anything but “My voice is my passport. Verify Me.” they are doing it wrong.

    • mcpweev

      We were going to change the world, Marty.

  • Riddlin

    Great start.

  • http://www.facebook.com/people/Marcus-Shields/10043854 Marcus Shields

    Wow. This is sick, I can’t wait!

  • Paul

     I’d feel safer if you got it to fail authentication with a different face.

  • Paul

     Ultimate test: Identical twin passes.  Close look-alike sibling doesn’t.