CES in Las Vegas was resplendent with consumer gadgets designed to connect you to the outside world. Only a very few were designed to help protect you from it.
Private security and privacy devices made only their second appearance as a discrete product category CES in 2016, even after another 12 months in which high-profile hacks, security alerts and new attempts by governments to extend legal surveillance dominated the headlines.
While you might expect such devices to have grown in importance, the reality was that even fewer such products seemed to be on show, compared to last year. There were only 18 companies at the cyber and personal security ‘marketplace’ in 2016, out of 3,631 attending businesses — or just under half of one percent. Many more products at the show had a security element, from WiFi home cameras to VPN software, but of devices designed specifically for consumers to enhance their digital security there was relatively little on show.
Ledger, a Paris and San Francisco-based startup, won attention in 2015 for their simple smart card-based product designed to add a second-factor authentication layer to Bitcoin transactions. This year they came to CES with something much more ambitious, the ‘Ledger Blue‘, a small, touchscreen device designed to act as a secure, standalone ‘black box’ for everything you want to keep private.
By combining an EAL6 secure chip, a hack-resistant crypto library and a trusted, built-in display, structured around a ST31 secure microcontroller, this small touchscreen device, which costs around $100, is potentially your next best asset in a world where all of your digital transactions are carried out on eminently hackable devices.
“Bitcoin and Blockchain are gaining a lot of traction, because they are fundamentally better than what we have today in the mainstream. What form it will eventually take — Bitcoin or private Blockchain — we don’t know yet, and time will tell. But in any case, Bitcoin relies on public key-private key cryptography and there is an absolute need to secure the private keys,” Ledger co-founder Thomas France tells WIRED on the show floor at CES.
“The difference with Ledger Blue is that it has a built-in screen that is piloted by the secure environment.”
In practice that means this small device can fulfil dozens of security functions. It can power secure Bitcoin, cryptocurrencies and blockchain transactions. It acts as a secure key for Google, Dropbox, Github and many other online services. It has a suite of PGP tools that allow you to authenticate and encrypt emails, manage your digital identity and protect it from snoopers. It’s basically David Cameron’s worst nightmare, in a 97mm by 68mm box.
“We put a lot of energy into making it sexy,” France says, emphasising that the Blue is aimed at consumers and not just security professionals and businesses. Indeed the first people to buy it in Spring 2016 will be enthusiast early-adopters, “Security is not something cumbersome or something people are willing to pay attention to so we really wanted to make the device sexy, so people would want to use it,” he told WIRED.
Ledger hopes that the Blue will build on the success of the much simpler Nano, which France said sold around 10,000 units in 100 countries, just for use with Bitcoin.
Still, he admits the idea of carrying a personal security device is “niche”, with most tech users unaware of their vulnerabilities let alone the tech designed to help negate them.
“The match between consumer electronics and security is… not a perfect fit,” he says, gesturing across the CES floor towards the bigger names in tech like LG, Samsung and Sony, each showing off their perfectly hackable wares in flashy, booming stands.
“For end user security products it’s still niche, we know that this product we want to sell it for end users but it’s really for privacy-aware and security aware people. It’s going to grow, but it’s still niche.”
Nearby to Ledger, other products designed to replace your credit cards with a secure e-wallet, or just house your RFID cards in a Faraday Cage were also on show, as they were in 2015. Security themes were also present among many of the startups at the Eureka Park area — including Dutch VPN hardware startup Keezel, a device to let users create a secure connection on public WiFi — and some larger cybersecurity firms who had stands.
If there was one organisation at CES taking a special interest in security above all others, it was the American Federal Trade Commission. Edith Ramirez, chairwoman of the FTC, used her speech at CES in 2015 to call for greater awareness for the security implications inherent in the so-called Internet of Things. This year, ahead of the show, she told the Washington Post that the same issues are if anything more important 12 months on. “I can’t emphasise the importance of data security enough,” she said. “Given the volume of information that’s being gathered and given the sensitivity of the information being gathered, in my mind, preserving and protecting that information is incredibly and increasingly vital.”
Back in the deserted, official ‘privacy’ area of the CES hall, another business making the pitch for personal security was Armourcard, an Australian company which sells a card-sized jammer designed to block the 13.56Mhz frequency that RFID cards generally use to communicate with devices. With an internal 24 month battery and a simple single-switch interface, it appears to be a well-designed enough product — though WIRED cannot comment on whether it works in practice, or whether RFID skimming is a serious threat, which seems mostly doubtful, even as contactless payments explode in the UK.
Still, Armourcard CEO Tyler Harris says that growing interest in his company’s product demonstrates that there is a consumer market for privacy tech — even if it hasn’t materialised in a glut of new consumer products at CES this year.
“In the last year we’ve become more aware as consumers, and we’re not believing blindly that we’re secure,” he tells WIRED. “As a consumer you have to start taking privacy into your own hands. That’s why this area at CES is where it starts. You start reclaiming your own privacy.”