Brainwaves Could Make Passwords Old School
Apr 10, 2013 2:00 PM PT
Brainwave authentication can be used instead of passwords to protect computer logins, researchers at the University of California at Berkeley's School of Information said this week. The development opens up the potential for users thinking certain thoughts or picturing specific images to gain access to devices, thereby adding a layer of biometric security.
UC Berkeley's John Chuang presented the team's findings at the 17th International Conference on Financial Cryptography and Data Security, held in Okinawa, Japan this week.
The researchers used the NeuroSky Mindset, a Bluetooth headset that costs about US$100. They found the headset's single electroencephalography (EEG) channel provides good signal quality for accurate authentication 99 percent of the time.
Chuang did not respond to our request to comment for this story.
What the Researchers Did
The researchers asked participants to perform seven mental tasks. These were divided into two categories.
For the first group of tasks -- which were the same for all participants -- the subjects were asked to focus on their own breathing, imagine moving a finger, or listen for an audio tone and respond to that by focusing on a dot on a piece of paper.
For the second group of tasks -- which participants selected and performed individually without letting others know what they were doing -- the subjects were asked to select from imagining performing a repetitive motion from their favorite sport, such as swinging a golf club; singing a song of their choice; watch a series of onscreen objects and silently count those that matched a color of their choice; or think of something for 10 seconds.
The NeuroSky MindSet
The NeuroSky MindSet is a Bluetooth headpiece with a main sensor that's placed on that part of the head termed FP1 by scientists. The area is above the prefrontal cortex of the brain, on the front left side of the brain's frontal lobe. Emotions, mental states and concentration are dominant in this area.
NeuroSky filters out noise frequencies from muscle movements, the human pulse and electrical devices. The headset measures dominant brainwaves, and the company claims its products let users influence the functions of an electronic device by thoughts.
The Power of Thought
"This is one of those interesting technologies that could be used for more than password protection," Jim McGregor, founder and principal analyst at Tirias Research, told TechNewsWorld.
"It could be used to control peripherals or input/output functionality, and could eventually even be used to input text through thought," McGregor said. "That's very far out there, but it's potentially not unfeasible."
However, using thought waves will not necessarily make computers more secure, said Randy Abrams, a director of research at NSS Labs. "Regardless of the authentication method, digital data must be sent over the Internet. From the moment the input receives the authentication thought, it's digital data and subject to attack."
Further, it's "absolutely essential" to have a backup method of access because "neither amnesia nor dementia are urban legends," Abrams told TechNewsWorld. Fingerprint or retina scans could serve as backup authentication.
Brainwave access "would work really well with wearable computers, or with something like Google Glass," McGregor noted. "You just put on a headset and have everything essentially connected to your body."
In the next 40 years, mobile phones will be replaced by wearable devices with built-in communications capabilities, Carl Howe, a research vice-president at the Yankee Group, told TechNewsWorld.
"We'll have watches, bracelets, glasses, hats, and necklaces which can be used for communication with people and Internet services," Howe said, "and we'll buy them as much for their fashion value as for their technology value."