Chain has released a demo iOS app with a new feature it says is the future of bitcoin on mobile devices â the ability to send bitcoin using fingerprint recognition technology.
The team says that by using Appleâs built-in Touch ID feature, users can now authenticate a transaction with the dab of a digit, and describes the technology as a âsimple solution for mobile bitcoin apps that need to sign transactions and store private keysâ.
The best news, perhaps, is that the new API can be freely used by others. Chain told CoinDesk that the solution is âtotally open sourceâ and that developers can take it, fork it and use it as a base for their own apps.
All developers interested in the project can find all the necessary code and documentation on GitHub.
The demo wallet has been built using Chainâs API, and utilises Appleâs Touch ID fingerprint scanner to ensure no one other than the deviceâs owner can use the private bitcoin key.
The key itself is stored in the iCloud Keychain â a feature that stores and shares account IDs, passwords and other sensitive information across a userâs Apple devices â but is used only by the app using the API.
A person wanting to send bitcoin simply opens the Chain app, and clicks âsendâ. At this point they are prompted to touch the fingerprint sensor on the phone to authenticate the transaction. Once approved, the user can scan a QR code or paste in the receiverâs wallet address and complete the transaction (see the video below).
The new API will not be available for a great number of devices for a while however. The demo wallet uses the iOS 8 Touch ID API, meaning it cannot be used on earlier releases of Appleâs mobile operating system.
Apple opened its fingerprint scanner to third-party developers in iOS 8, so this functionality is only available for devices running Appleâs forthcoming iOS 8 update. For the time being, Apple only offers Touch ID on the iPhone 5S.
Furthermore, because Chain uses iCloud to store bitcoin keys, the solution is only as safe as Appleâs security. To make this clear, the team offers the following security disclaimer:
âYou have to 1) trust Appleâs security and 2) use Appleâs security (i.e., do not use on jailbroken phones). We recommend only using this sort of implementation with small amounts of money (think wallet, not bank account), and using multi-sig and cold storage for storing larger amounts, ideally spread across multiple services.â
Questions have been raised about Touch ID security in the past â while experts agree it is more secure than a four-digit PIN, donât expect industrial grade security.
It does, however, offer an additional layer of biometric security and, now that it is open to third parties, looks likely to be used for payments in the very near future.
