Tech At Bloomberg

B-Unit App for iOS: Bloomberg Terminal authentication comes to the iPhone

July 20, 2022

Over 325,000 traders, analysts, portfolio managers and more use the Bloomberg Terminal, software which provides real-time data, news, and analytics on the global financial markets and enables them to connect with the world’s decision makers. The Terminal has defined electronic financial analysis and trading since 1982, when it was originally introduced as a specialized piece of hardware. Of course, the Terminal came into existence before PCs and workstations were ubiquitous in the workplace. To support its innovative new product, Bloomberg had to develop the Terminal as a piece of hardware, installed on its clients’ desks.

The PC revolution transformed how Wall Street worked, and it also transformed the Terminal. Bloomberg’s customers needed access to the wealth of data behind the Terminal to support new workflows, and having an extra machine on one’s desk seemed inconvenient. So, in 1995, the company introduced ‘Open Bloomberg,’ which turned a client’s standard Windows-based PC into a Bloomberg Terminal. Clients were interested in accessing the Terminal over the Internet, and this move paved the way for even more convenient access to Bloomberg’s services from anywhere in the world.

As the Terminal evolved to meet these customer demands, the need for more advanced user authentication to protect Terminal accounts grew with it. And since Bloomberg has always been committed to being at the forefront of making technology easy and safe to use, its approach to authentication must strike a careful balance between keeping Terminal accounts secure and remaining user friendly.

Who are you?

Humans have no trouble recognizing who someone is just by sight. For computers, this is a difficult problem, often rolled into the process of authenticating a user. Authentication is the process of capturing a set of credentials, such as a username and password, and checking that those match the stored attributes about a user. When you create an account with any kind of website, you usually create a username and a password that, ideally, only you know. A password is a single factor of authentication.

But it’s easy to forget passwords, and sometimes they can be guessed or stolen by bad actors, such as through phishing attacks, where an attacker tricks a user into entering their username and password into a fake login page made to look just like the real thing. Using a second factor of authentication, in addition to a password, adds an extra layer of protection to ensure the security of your accounts.

Bloomberg initially provided clients with RSA SecurID tokens, key fob devices that displayed new authentication codes at fixed intervals (around a minute), using a built-in clock. But whoever possesses the token can “steal” and use the code. Fingerprints, as opposed to passwords and one-time codes, are much harder to steal. Nearly everyone has one, and they’re unique to each individual.

A BPhone prototype with a built-in AuthenTec AES4000 fingerprint sensor

Bloomberg was way ahead of the industry in adopting biometric authentication, first with a BPhone prototype with a built-in AuthenTec AES4000 fingerprint sensor in the late ’90s (pictured above), and then a standalone biometric pod in 2002. In 2004, Bloomberg added fingerprint authentication to the Bloomberg Keyboard, which could then be used to log in to the Bloomberg Terminal. The Bloomberg B-Unit device followed in 2005. This credit-card-sized biometric authentication device performed the same function, but could be carried around in your pocket.

Image of two rows of B-Unit devices -- top row: white, blue, pink, tangerine, and light green Gen 1 B-Units; bottom row (L-R): black Gen 1 B-Unit, black Gen 2 B-Unit, black Gen 2.5 B-Unit, black Gen 3 B-Unit, black Gen 5 B-Unit
Tracking the evolution of the B-Unit device through the years
Top Row: Gen 1 B-Unit devices in multiple colors (2009)
Bottom Row (L-R): Gen 1 B-Unit (2005), Gen 2 and 2.5 B-Units (2010), Gen 3 B-Unit (2012), and Gen 5 B-Unit (2020)

Both the Keyboard and the B-Unit were designed in-house by Bloomberg’s hardware engineers. Both pieces of hardware are custom designs, from the plastic shell to the fingerprint sensors and microcontrollers. This gave Bloomberg total control over how these devices operate.

However, for most users, the future of authentication is in smartphones. After all, your mobile device already has a fingerprint or face scanner, it’s usually connected to the Internet, it’s equipped with a camera that can be used to scan unique QR codes, and you’re probably already carrying it around in your pocket. Under the hood, most phones also feature tamper-resistant secure secret storage, helping to secure data on the phone. As secure hardware has become more widely available, phone vendors have made these capabilities available to app developers. Seems like a great platform on which to build a next-generation B-Unit?

Securing your secrets on a phone

To build a smartphone-based B-Unit, Bloomberg would need a way to verify that the secrets used to identify users were being stored in secure hardware. This is easy to do when the hardware is a first-party design, as with the B-Unit device. However, on a phone that’s designed and built by a third party, you need to be confident that the secure hardware will enforce rules about how these secrets can be used and will protect them from theft. Even if malware takes complete control of the phone, the secrets held by the secure hardware must remain secure.

The process to verify a secret that is held in secure hardware is called attestation. This is usually in the form of a mathematically verifiable proof of the authenticity of a security device, tying a bit of secure hardware back to its manufacturer. Without this process, you have no assurance that your secrets are secure.

In 2017, Google mandated attestation capabilities for all devices shipping with Android 8.0. This new feature enabled a cross-functional Bloomberg team – composed of mobile application developers and QA specialists, engineers who work on the Terminal’s core services and login process, product managers, and UX designers, all led by security architects in the CTO Office – to develop the B-Unit App for Android, which was released in March 2019. This dispensed with the need for a physical authentication device, instead relying on the built-in biometric and security capabilities found in most Android phones. To log in quickly and easily, Android users scan a QR code on their Terminal screen and verify their identity using their phone’s fingerprint reader or facial recognition feature.

Until recently, none of these capabilities were exposed to third-party app developers on Apple products. But now that they are, Bloomberg has released its new B-Unit App for iOS, iPhone and iPad in the App Store, unlocking the convenience of mobile device authentication for iPhone users.

“We have wanted to build the B-Unit App for iOS, but we couldn’t compromise on security,” says Len Welter, Global Product Manager for Bloomberg’s Mobile Professional app. “We’re now able to launch the B-Unit App on iOS, making it even more convenient for our clients to access our services from wherever they’re working. Its development is a case study in how Bloomberg’s philosophy of ‘doing the right thing for the customer’ enables teams to deliver exciting innovations.”

“This is not just a prototype or sketch on the whiteboard,” notes Phil Vachon, Authentication Technology Program Manager in Bloomberg’s Office of the CTO, who led this initiative. “This is actually something that works… Various engineering teams came together to help support this initiative, which was just incredible to watch, and it’s a really good expression of Bloomberg’s core values of innovation and collaboration.”

Read more about attestation on smartphones in Phil Vachon’s Communications of the ACM article “The Identity in Everyone’s Pocket.”

Apple’s pursuit of privacy

Among consumer tech companies, Apple is particularly committed to privacy on their devices, having led the way on mobile verification technology, with Touch ID fingerprint scanning going all the way back to 2013’s iPhone 5S. This release first brought biometrics into the mainstream. At the same time, Apple began integrating its Secure Enclave processor into most Apple devices, including iPhones, iPads, laptops, desktops, and watches. This specialized processor dedicates computing power to security features, providing an extra layer of security toward the prevention of malicious software attacks.

Vachon and the Security Architecture team in Bloomberg’s Office of the CTO have tracked Apple’s platform security enhancements, focusing on learning about the advanced capabilities the Secure Enclave offers. However, Bloomberg must still reckon with Apple’s balanced approach to exposing security features to third-party app developers, while also ensuring its users’ privacy.

“As the vast majority of Terminal subscribers are iPhone users, we’ve been looking for different opportunities for Bloomberg engineers to integrate Apple’s unique security protocols into the B-Unit App for iOS,” says Vachon. “The advantage of the physical B-Unit is that it’s our device. We manufacture it. We know everything about it from the moment the chip is first put down on the circuit board through to when the device lands in the client’s hands. But with an iPhone, Bloomberg engineers don’t have that luxury.”

However, according to Vachon, Apple maintains similar tracking steps across its supply chain.

“What we really needed from Apple were hooks to allow us to get into that ecosystem and to allow us to take advantage of Apple’s knowledge about a particular device, so that we would be able to know that a device we’re storing user data on or authenticating a user with is, in fact, an authentic Apple device,” he says.

When Bloomberg introduced the B-Unit device in 2004, it was a remarkable innovation in security. While the days of pictures of B-Units’ humorous four-letter codes being posted to social media are waning, Bloomberg clients can rest assured that their access to the Terminal remains secure, without ever having to worry about forgetting their B-Unit at home again.
