November
16
Tags
FINNEY Secure Blockchain Smartphone
We’re always on the lookout for items of tech with strong security features that stand out from the crowd. In the smartphone arena the Sirin Labs FINNEY Secure Blockchain Smartphone ticks both boxes among hordes of generic rectangular clones.
The FINNEY provides a general set of features that could be expected from any current flagship class handset, including: a Snapdragon 845 processor, 6Gb of RAM, a 6″ (1080 x 2160) LTPS LCD display and a 3280mAh battery.
What interested us most though are are several unique selling points including a self-contained crypto wallet allowing for the cold storage of several types of token, accompanied by a suite of security features which we’ll get into shortly.
Since the stratospheric rise of Bitcoin and various other ‘altcoins’ it’s no secret that crypto-fever has gripped the world of trading and investing, and is now arguably moving beyond early-adopter phase. The FINNEY reflects that reality.
Finney Cold Storage Wallet
The FINNEY Wallet is accessed via touch-screen entry of a password into a 2″ slide-up Safe Screen housed neatly in the top of the handset’s metal and Gorilla Glass casing.
When the Safe Screen is raised and the FINNEY Wallet is being accessed, it’s protected by a FPGA (Field Programmable Gate Array)-based firewall providing defence against any unauthorised access attempts. When the screen is lowered the wallet is electromechanically disconnected from the rest of the device and wider networks. Cold storage wallets held offline in this way significantly reduce the risk of a crypto stash being swiped by tech-savvy 21st century thieves.
The flip side of cold storage is that loss of either the device holding the wallet or the security credentials for accessing them can mean complete loss of funds. There are reportedly more than a few would-be Bitcoin millionaires desperately hunting through houses and even rubbish dumps for the device on which their fortunes are entombed.
The FINNEY offers a degree of protection against such losses through generation of 24 ‘seed words‘ when you create a wallet password, which you can write down and keep in a secure offline location appropriate to the amount you hold (we have a penchant for biometric safes). If your FINNEY is broken or lost these seed words act as a recovery phrase of sorts and are used to generate a number required to recreate your wallet.
Token Conversion Service (TCS)
An accompanying Token Conversion Service (TCS) allows the purchase, sale and conversion between several cryptocurrency types; Bitcoin, Ethereum and Sirin Token (SRN) at time of writing, with more likely to be added in the future.
For the crypto investor or trader, these are serious advances – negating the requirement for purchasing or storing through online exchanges, which have been subject to a string of high-profile hacks in recent years.
Behavior-Based Intrusion Prevention System
Looking beyond its blockchain-related innovations, the FINNEY also offers an impressive more general set of security features; a hallmark of its earlier Solarin handset.
Firstly, the device is fitted with a behavior-based machine learning intrusion prevention system (IPS) as part of its hardened Android-based SIRIN OS. So what does that mean?
In general terms an IPS is an application that monitors for, detects and takes action to block cyber threats. For example, an IPS detecting repeated connection attempts to a port which does not normally receive much network traffic might temporarily block access to said port. Early IPS were typically signature-based, meaning they were intended to drop network packets associated with a known type of attack (assuming their signatures were suitably up to date).
Difficulties with signature-based detection arise when flood of network traffic (a denial of service attack) hits an IPS from a previously legitimate source or some form of unknown ‘zero-day’ attack occurs
The machine-learning IPS found in the FINNEY is intended to baseline normal Operating System and network behaviour and alert the user to threats without waiting for a software update, patch or signature.
Secure Communications
Data communications transiting on and off the FINNEY can be secured by end-to-end (E2E) protection through use of KoolSpan’s TrustCall secure voice and text service.
Meanwhile, emails are protected by ProtonMail – a Swiss firm that takes the security of its services pretty seriously. Emails are automatically encryped with a blend of proven AES, RSA and OpenPGP algorithms, based on open source cryptographic libraries which allow for public scrutiny of the code being used.
With a dash of eccentric charm, ProtonMail’s service infrastructure is also housed in a data center buried in the side of a rather large Swiss mountain.
It’s worth noting that ProtonMail can also be used to send encrypted emails to users of other service providers (e.g. Gmail) by providing them with a passphrase.
Three-Factor Authentication (3FA)
Finally, the FINNEY comes equipped with three-factor authentication (3FA), allowing the user to set a combination of lock-pattern, biometrics (via a finger-print reader located on the back of the handset) and behavioural indicators.
At one point in time use of fingerprint readers and facial recognition scanners now commonplace in many smartphone handsets might have seemed excessive. But with various proof of concept hacks on each of these authentication types, a 3FA approach seems increasingly prudent where authentication is a key concern.
An extra layer of access control is provided by the FINNEY’s App Lock feature, which allows fingerprint or PIN access to individual apps. This could be particularly useful if you want to be able to pass your handset to others and show off things like holiday photos, without letting them poke around the entire device. You can see App Lock being set up in the following video.
In a packed smartphone market filled with diverse needs and preferences, Sirin Lab’s latest offering is not going to be all things to all people – nor was it designed to be. For security-conscious types and cryptocurrency ‘hodlers’ the FINNEY is a functional, unique and stylish handset.
Did you find this post useful? Consider following @DS_Watch on twitter or download our free Android App.
Digital Security Watch 