Wednesday, April 25, 2012

YOUR BRAIN IS YOUR PASSWORD




Forget Fingerprints and Eye Scans, Your Next Password Could Be Your Brain -- Or Your Heart Beat.

THE GIST

- As input devices with computers change, so too will passwords.

- Researchers are exploring using brain signals and heartbeats as identification.

By Jesse Emspak
Mon Apr 23, 2012 01:08 PM ET
Courtesy Of "Discovery News"

When it comes to high-tech passwords, there are fingerprint scanners for computers and facial recognition programs for closed-circuit cameras, and retinal scans are a mainstay of the movies.

Now researchers are looking beyond those technologies to using brain scans and heartbeats to identify people in ways that can't be faked.

"There will come a time when a lot of current input devices won't be necessary," said Ken Revette, a professor of computer science at the British University in Egypt. Revette recently founded the Journal of Cognitive Biometrics to feature research in the developing field of high-tech identification systems.

If people are going to have "Minority Report" computers, then something beyond a keyboard for a password will be needed.

For example, one could use reactions to an image as a password. Navin Cota of the Mind Research Network in New Mexico and Ramaswami Palaniappan of the University of Wolverhampton in the U.K. are working on using signals in the brain that mark attention.

In their experiment they asked subjects to count the number of times a letter appears on a screen. Each time a subject found the letter, their brains flashed a certain signal to the electroencephalogram. This signal, which is a change in the electrical potential measured by the EEG, is the same whenever someone is looking for a certain stimulus.

Cota said this means it's possible to build a two-level password system using images. Imagine, he said, choosing two pictures, one of a landmark, say Big Ben, and the other of a relative, one's mother, for instance.

To authenticate, one would choose the picture of Big Ben presented out of a set. Then one would see another set of pictures, showing Mom.

When looking at the correct picture, the brain generates a signal, which acts as the input, just like entering a PIN on a keypad. Since the reaction of the brain is stronger when looking at the target image, so the change in the electric potential of the brain will only happen in both cases for the "right" person.

The system is secure because only the person who chooses the images knows which ones they picked. It is possible to fake the brain reaction, but the faker would have to know what the correct picture used as a password is.

Cota noted that the big challenge is picking up the signal without requiring a cap -- EEGs require contact with the scalp. But if that problem can be solved then it could be used in conjunction with other methods, even ordinary passwords.

Another area is using heartbeats. A person's heartbeat generally looks similar between one beat and the next. But there is a small difference: on an electrocardiogram (or EKG) there are two "humps" on a heartbeat. The first on the graph looks tall and thin, and the second is shorter and some distance away.

That distance seems to be different with each individual and doesn't change, said John Irvine, an engineer at Draper Laboratory in Cambridge, Mass., who co-authored the study. That means even if ones heartbeat is elevated, the shape of the heartbeat looks the same.

So far, he and his co-author, Steve Israel, principal scientist at Integrity Applications, have only looked at about 200 people. So it isn't clear yet that it would hold up over millions, but it does look promising.

The big challenge in this method is picking up the signal from any distance away. A good measure of heartbeats is usually taken with a sensor in contact with a patient's chest -- a stethoscope, for example, or electrocardiogram. But an acceptable signal could be picked up from a palm reader or even a fingerprint scanner, as long as it gets a pulse.

"That's really an engineering problem," Irvine said, "Though it's a really challenging one."

Revett noted that there is a lot of work with typing rhythms as well. "We challenge a subject with up to 50 visual stimuli," he said. "At the same time we gather typing rhythms."

Those rhythms reveal who is typing, and are exceedingly difficult to spoof because they differ in subtle ways between people.

And it isn't all just for passwords. Irvine said if individual heartbeats can identify people, then emergency workers could call up medical records even when a patient is unconscious.

Meanwhile, Revett said there are applications for the EEG reading in gaming. A gaming system keyed into a person's heartbeat could monitor and respond to a quickening -- or slowing in their pulse.

No comments: