April 2020 Ian Chiu
The Samsung T7 Touch is the fourth iteration of the company’s external solid state drive line-up. Save for the Thunderbolt 3-powered X5 which packs a NVMe SSD, previous generations house a mSATA SSD – a limiting factor to performance. Now, the latest T7 also packs a NVMe SSD and it is coupled with a 10Gbps USB-C port to leverage the potential of the Samsung’s 92-layer TLC V-NAND. Samsung proclaims the T7 has a top transfer speed of 1050MB/s, up from 540MB/s of the T5.
What further differentiates the Samsung T7 Touch from its siblings is the built-in capacitive fingerprint reader, complemented with cross-platform compatibility across PC, Mac and Android. (Though, you will need to install software on each device separately to access protected data on the T7.) The additional circuits also make the Samsung slightly larger than the last generation T5. Keep in mind the T7 hasn’t passed any FIPS certifications so its biometric security is likely meant for hiding personal data from prying eyes than safeguarding sensitive corporate secrets from resourceful hackers.
eyeDisk is probably as sophisticated as it gets when it comes to protecting data on a flash drive. Its security relies on an integrated IR scanning camera that you find on a Samsung Galaxy smartphone to capture your iris patterns. The drive only unlocks data inside when a biometric signature is matched. Its scanner is reportedly said to work flawlessly if a user has sunglasses or contact lenses in different lighting conditions – even in the dark.
Keep in mind the eyeDisk is only a Kickstarter campaign for now. So it remains a proof of concept rather than a shipping product until there’s a confirmed delivery date (tentatively March 2019). Also, there’s rather limited amount of information regarding the iris recognition method and IR sensor being used. There was a similar product called EyeLock Myris that captures real-time video to record a series of snapshots of your iris to build a unique ID on over 480 points. This could be overkill for a consumer product.
We are keeping our fingers crossed that the eyeDisk will ship according its specified date and will work as advertised.
After biometric has become mainstream security in smartphones, no one really wants to deal with passwords anymore. It seems natural fingerprint locking technology would find its way into flash drives. For those who depend good old thumb drives as a standard tool to exchange data on a regular basis with colleagues, the Lexar’s JumpDrive F35 USB drive – now equipped with fingerprint authentication – is worth a look.
The JumpDrive F35 can store up to 10 fingerprint IDs so one can add different colleagues to the list of authorized users. As soon as all users are being enrolled with Lexar’s Windows-only software, the drive no longer needs the software for authentication. Unlocking the drive content is as simple as resting your finger on top of the glass surface on the F35. Lexar promises fingerprint recognition in less than a second at which speed is pretty much standard these days. The data is further protected with 256-bit AES encryption. Though, we aren’t sure if it’s full-disk encryption or not.
Two-factor authentication has always been at our disposal, but most of us don’t really bother unless we are forced to comply with online banking requirements. There has been a solution called YubiKey; it works with U2F, an emerging open authentication standard hosted by FIDO Alliance whose goal is to add an extra layer of security for browsers and mainstream web services, such as Gmail, FaceBook and DropBox.
The YubiKey neither requires drivers nor client software. Since it is recognized as a USB HID device, the platform-independent token works seamlessly with Windows, Mac and Linux. The keys themselves are manufactured in Sweden and USA in ways that reportedly make them tamper-proof. The fourth-generation of YubiKey now offers even faster and stronger crypto. Out of the three models, one ($50) supports the new USB-C connector while a nano version with regular USB-A plug allows you to flush mount it on your PC.
Fingerprint authentication is also an integrated part of Windows Hello that replaces passwords with biometric recongition. Though, generations of older PCs wouldn’t have the hardware sensors required by Windows’s new bio-security system. If you have a spare USB port, then the unobstructive PQI dongle might be what you are looking for.
The PQI’s My LocKey fingerprint reader is powered by Synaptics-powered Natural ID fingerprint sensor that works with Hello. The engine is reportedly fast enough to finish authentication with 0.15 second. Everything is housed inside a USB dongle whose size is comparable to that of a mini flash drive so the PQI can stay connected to your laptop at all times. Getting this ready only requires that you follow several steps of simple registration procedures before you can start logging in Windows with a single touch of a finger.
Flash drive with a keypad isn’t new, but Kingston is serious about getting this right. The DataTraveler 2000 – certified for FIPS 197 – facilitates authentications on battery power so correct key sequence has to be entered before the drive will even show up as active hardware. The self-contained security essentially prevents any communication from the host computer to the drive until the PIN is physically entered.
As a result, this removes the easy options for snoops. There’s no password to be sniffed via keyloggers and conventional means of brute force attacks on the drive won’t help. Ten incorrect attempts will wipe the cipher and the data is effectively lost. This should deter any means of computer enhanced attacks that leverage the PC’s power. Cracking this 256-bit AES full-disk encryption drive hence will require much more work which is the best that any security system can really hope for.
Encryption is a necessity these days if you often carry data on USB drive from place to place. But it’s chore entering password every time you need access to the drive. This is where the Buffalo MiniStation Extreme NFC comes in. The portable drive comes equipped with near field communication reader (NFC) so that you can conveniently unlock the content with tapping with a smart card. It’s ideal for absent minded users who keep forgetting their password – especially a strong, secure one.
Although there’s still password protection, Buffalo doesn’t offer two-factor authentication. Your password is simply a fallback option in case you lose the smart card. In addition to 256-bit AES full disk encryption, the MiniStation is for both water and dust resistant. There are also internal bumpers inside the drive to absorb force from a drop of up to 1.2m. Least but not least is the integrated cable that wraps around the chassis.
These are 6 up-to-date USB security solutions we’ve found so far. We hope you find them useful. If you are using some other products that aren’t lised here, let us know if the comments below.