April 10, 2013
Brainwave Passwords Are The Next Futuristic Thing
Lee Rannals for redOrbit.com — Your Universe Online
Researchers are working on a new way to provide security where instead of typing a password, you simply think of it.
The team presented their findings at the 2013 Workshop on Usable Security at the Seventeenth International Conference on Financial Cryptography and Data Security in Okinawa, Japan. They conducted several experiments to determine whether their ideas were feasible.
Researchers used the Neurosky MindSet for their project, which is a device that connects to a computer wirelessly using Bluetooth and only costs about $100.
“Other than the EEG sensor, the headset is indistinguishable from a conventional Bluetooth headset for use with mobile phones, music players, and other computing devices,” according to the researchers.
They performed experiments to determine whether the single electroencephalogram (EEG) channel would provide enough signal quality for accurate password authentication. In order to authenticate a password, the computer must be able to accurately and consistently distinguish brainwave patterns between different users. By selecting customized tasks for each user and then customizing each user's authentication thresholds, the team was able to reduce error rates to below one percent.
Researchers asked participants to perform seven mental tasks while they measured brainwaves. In three of the tasks, participants were asked to perform the same task, and in four of the tasks, they were asked to think of individual secrets.
Participants in the first group were asked to focus on their own breathing, imagine moving their finger up and down, or listen for an audio tone. The group who had to think of a secret was also asked to imagine performing a repetitive motion from a sport of their choice, imagine singing a song, watch a series of on-screen images, and silently count the objects that match a color of their choice.
The team said all of the tasks provided enough data to authenticate users. They added that the key to the success of the brainwave authentication system is finding a mental task that users won't mind repeating on a daily basis.
Researchers found that users prefer to repeat tasks that are fairly easy, but not too boring. The participants' favorite tasks included counting objects of a specific color, singing a song of their choice, or focusing on their own breathing.
“We find that brainwave signals, even those collected using low-cost non-intrusive EEG sensors in everyday settings, can be used to authenticate users with high degrees of accuracy,” the researchers conclude.
This isn't the first group of researchers to take password protection to a futuristic level. In 2009, a group of European researchers used EEGs and electrocardiograms (ECGs), which records heart rhythms, to better identify people. The team concluded that their system could be integrated into sophisticated biometric systems prone to break-ins.
Other research projects aimed at keeping security measures tight include analysis of gait, which is the way people walk, and analysis of seated posture.