Slashdot Mirror

← Back to Stories (view on slashdot.org)

Human Ear Could Be Next Biometric System

Posted by timothy on from the whisper-secrets-in-your-ear dept.

narramissic writes "A team of researchers at the University of Southampton, UK, has received funding from the UK's Engineering and Physical Sciences Research Council to learn whether otoacoustic emissions (OAE), the ear-generated sounds that emanate from within the spiral-shaped cochlea in the inner ear, can be used as a viable biometric technology like fingerprints and IRIS recognition. According to a report in New Scientist, someday instead of asking for passwords or pin numbers, a call center or bank would simply use a device on their telephone to produce a brief series of clicks in the recipient's ear to confirm the person is who they say they are." Try faking that with gummy bears.

9 of 154 comments (clear)

  1. Biometrics are great by flaming+error · · Score: 4, Insightful

    ... when used as identification rather than authentication.

    1. Re:Biometrics are great by Whalou · · Score: 2, Insightful

      Because if someone cuts off your head, they end up with your 'unique ear click pattern'. The technet article talks about a case where thieves cut someone's finger to steal his biometrically 'protected' car.

      --
      English is not this .sig mother tongue...
    2. Re:Biometrics are great by flaming+error · · Score: 4, Insightful

      > Biometrics are useless as identification since, as we have seen, they are easily spoofed.
      You're exactly missing the point - any self-respecting system must expect fraudulent impersonation.

      We can all present ourselves to Slashdot as Cmdr Taco, but come password time most of us would be thwarted. If the password went away in favor of a fingerprint (or earprint), as soon as somebody lifts it and posts it, we can all be Cmdr Taco. Until he changes his fingerprints.

      But if his fingerprints were just a substitute nickname/login id, even after they are posted online we'd still have to crack the secret to convince the system we're the real enchilada.

    3. Re:Biometrics are great by Znork · · Score: 2, Insightful

      Because while most biometrics provide a specific identity with at least some kind of reliability, they do not prove that the person wanting to get authenticated as being that identity actually _is_ that identity.

      See, you may be the only person in the world whose ear makes that specific click pattern. But anyone in the world can carry a device that makes that exact click pattern as well.

      Same with fingerprints or DNA; it's your DNA, it most often can't be confused with anyone elses DNA, but you leave it everywhere and anyone can present it for inspection. Same with fingerprints. They describe you, but they're not a secret only you know.

      PIN codes and passwords are better for authentication, as hopefully you don't leave them around on everything you touch. They can also be varied between different systems, so if one is compromised it doesn't mean they're all compromised. When someone copies your biometrics they know it'll be the same everywhere, you can't revoke it you can't change it, and to anyone who thinks identity and authentication is the same thing, the person carrying your means of identification will essentially be you.

  2. FFS. by fuzzyfuzzyfungus · · Score: 5, Insightful

    So, let me get this straight:

    We are poised to make the same idiotic "Hey guys! Let's use biometrics for authentication!" mistake that we've made all the other times.

    So, you can test the structure of somebody's ear by clicking at it and recording the result. Does this mean that you can infer the structure of someone's ear just by clicking at them and recording the result, thus allowing you to, with a dash of DSP, fake their ear structure on future tests? I'd want to be Very sure that that wasn't possible. A system where you can get somebody's Super Secret Biometric Secure Security ID just by calling them up and making funny noises would be even worse than the issues with fingerprints as authentication methods.

    1. Re:FFS. by swilver · · Score: 2, Insightful

      Even if you can't infer it... I could call the bank, while at the same time calling you. If I relay their beeps and resulting sounds fast enough it might just work.

  3. Wow, body acronyms by ratnerstar · · Score: 3, Insightful

    What's up with "IRIS" in all CAPS? I see this pretty regularly. But iris isn't an acronym, it's just a part of your body. I guess "IRIS recognition" sounds more James Bond-y than plain old "iris recognition."

    --
    Just because you sold your soul to the devil that needn't make you a teetotaler. --The Devil and Daniel Webster
  4. Ears huh? by nixdroid · · Score: 1, Insightful

    Sounds better than having your eyeball gouged out.

    --
    -- Consensus - 50% probability that the majority are wrong.
  5. The ear grows your entire life by Sark666 · · Score: 2, Insightful

    Wouldn't that change the sound?