Tuesday, April 16, 2013

Researchers replace passwords with passthoughts by reading your mind

Berkeley researchers replace passwords with passthoughts by reading your mind
In the future, instead of trying to type your mixed-case, numbers-and-punctuation on a painfully small smartphone screen, logging in might be as simple as thinking of your password — or passthoughts, if you will.
This finding, which comes from UC Berkeley, essentially turns your brain activity into a biometric identifier. In much the same way that your DNA or the blood vessels in your retina are unique, your brainwaves also seem to be unique and can be used to identify you — useful, if you want to log into a computer, or otherwise prove your identity.
To do this, the Berkeley researchers use a $100 commercial EEG (electroencephalogram). This $100 EEG, made by Neurosky, basically resembles a Bluetooth headset with a single electrode that rests on your forehead, over your brain’s left frontal lobe. This electrode measures your brainwaves, which it then transmits via a Bluetooth link to a nearby PC. The Berkeley researchers say that they their system has an error rate of below 1%, which is comparable to clinical EEGs, which typically attach 32 to 256 electrodes all over your skull and cost a lot more than $100.
brain-computerTo develop brain biometrics, participants were asked to complete seven different tasks with the EEG equipped. Three of the tasks were generic, requiring the participants to focus on breathing in and out, imagine moving their finger up and down, and listening for an audio tone; the other four tasks required participants to focus on an individual/personalized secret, such as singing a song of their choice, or performing a repetitive action. While performing these tasks, some clever software on a nearby PC is watching your brainwaves, trying to discern a pattern, a heuristic that identifies your brain. It turns out that all seven tasks — even just sitting there and focusing on your own breathing — provide enough information to authenticate your identity.
In short, then, Berkeley has developed a system that allows for biometric login and only costs $100. There are some obvious issues — such as the bulk and ugliness of the EEG, and the accuracy of the system — but both of these are fixable. In its current form, you can’t imagine people wearing the Neurosky EEG in public — but if the electrode was skin color, and flush with the skin rather than on a big black arm, it would be a lot more palatable. It is not too crazy to imagine a Bluetooth smartphone headset, perhaps in a year or two, that incorporates an EEG. The accuracy of the system is slightly more troublesome: Successfully identifying someone 99% of the time is good, but nowhere near good enough for serious applications. The accuracy of the system should increase over time, though, as EEG hardware and biometric algorithms improve in quality.
Looking forward, it is quite easy to imagine smartphones that automatically unlock as soon as you pick them up — as long as you’re wearing a Bluetooth/EEG headset. Assuming the accuracy can be improved, you might also log into your corporate computer just by sitting down — again, as long as you’re wearing a Bluetooth/EEG headset. Passwords, and thus a whole range of attack vectors, will become a thing of the past. And ultimately, of course, we’ll do away with the headset entirely and just have a wireless EEG implanted under our skin, allowing us to control robotic limbs, log into computers, and play video games with just our thoughts.

No comments:

Post a Comment