This sounds fantastic, and my first reaction was "don't I need a password on LaunchKey in order to unpair my device?" So I checked it out, and they only use your username and e-mail.
Unfortunately, I can't download the app for WP7, so can't check for myself how it works, but my next step is to wonder if I can take somebodies phone, which has their e-mail, unpair their devices and change the notification e-mail address?
Either way, I'm really excited about the potential of this.
Oh, and absolutely LOVE your logo.
Hey pedalpete, unfortunately we don't support legacy Windows Phone yet, but we do support Windows Phone 8+.
As for your question regarding a stolen phone, in addition to built-in device security (such as a PIN lock or remote wipe) we've provided a number of features that should help users in such a situation: First, the LaunchKey mobile app comes with two in-app knowledge factors (a numberless combo lock and a standard PIN lock) that can be enabled to prevent access to the LaunchKey app itself. Second, a user can enable geofencing or add a Bluetooth factor to prevent the device from authorizing outside specific geographical zones or when unconnected to specified Bluetooth devices (a FitBit, iBeacon, etc.).
While in theory an attacker could disable these services within the app, we've assigned 60 minute delays to creating or removing geo-fences and Bluetooth device factors. The idea being that you should realize your phone/device is gone within an hour, and within that time you can use our third protection: remotely unpair a device via the LaunchKey website or via another paired device, thus disabling that device.
Thanks for your feedback and please let us know if you have any other questions or comments!
I don't like the amount of permissions their mobile (Android) app requires:
* storage - modify or delete contents of usb storage
* location ?
* your applications information ?
* bluetooth settings ?
* network communication - full network access
* system tools - test access to protected storage ??
* network communication - view network connections
* your accounts - find accounts on the device, read Google service configuration ??
* affects battery - control vibration, prevent phone from sleeping
So I'm interested, but it seems like it needs way more access than the app should require. Until they cut down on the permission requirements, I'll be avoiding it.
Storage: your settings
Location: Geo-fencing capabilities if you want to lock to specific geographical coordinates.
Your applications information - ???
Bluetooth settings - For device factor if you want to restrict authentication when in Bluetooth range or a paired device.
System tools - test access to protected storage - Private keys and information that identify your device need to be protected as best they can be.
Your accounts - read Google service configuration - I don't know, is this just some kind of regular permission?
5 comments
[ 2.9 ms ] story [ 22.9 ms ] threadUnfortunately, I can't download the app for WP7, so can't check for myself how it works, but my next step is to wonder if I can take somebodies phone, which has their e-mail, unpair their devices and change the notification e-mail address?
Either way, I'm really excited about the potential of this. Oh, and absolutely LOVE your logo.
As for your question regarding a stolen phone, in addition to built-in device security (such as a PIN lock or remote wipe) we've provided a number of features that should help users in such a situation: First, the LaunchKey mobile app comes with two in-app knowledge factors (a numberless combo lock and a standard PIN lock) that can be enabled to prevent access to the LaunchKey app itself. Second, a user can enable geofencing or add a Bluetooth factor to prevent the device from authorizing outside specific geographical zones or when unconnected to specified Bluetooth devices (a FitBit, iBeacon, etc.).
While in theory an attacker could disable these services within the app, we've assigned 60 minute delays to creating or removing geo-fences and Bluetooth device factors. The idea being that you should realize your phone/device is gone within an hour, and within that time you can use our third protection: remotely unpair a device via the LaunchKey website or via another paired device, thus disabling that device.
Thanks for your feedback and please let us know if you have any other questions or comments!
(disclosure: I'm a co-founder of LaunchKey)
* storage - modify or delete contents of usb storage
* location ?
* your applications information ?
* bluetooth settings ?
* network communication - full network access
* system tools - test access to protected storage ??
* network communication - view network connections
* your accounts - find accounts on the device, read Google service configuration ??
* affects battery - control vibration, prevent phone from sleeping
So I'm interested, but it seems like it needs way more access than the app should require. Until they cut down on the permission requirements, I'll be avoiding it.