Slashdot Mirror

← Back to Stories (view on slashdot.org)

Human Ear Could Be Next Biometric System

Posted by timothy on from the whisper-secrets-in-your-ear dept.

narramissic writes "A team of researchers at the University of Southampton, UK, has received funding from the UK's Engineering and Physical Sciences Research Council to learn whether otoacoustic emissions (OAE), the ear-generated sounds that emanate from within the spiral-shaped cochlea in the inner ear, can be used as a viable biometric technology like fingerprints and IRIS recognition. According to a report in New Scientist, someday instead of asking for passwords or pin numbers, a call center or bank would simply use a device on their telephone to produce a brief series of clicks in the recipient's ear to confirm the person is who they say they are." Try faking that with gummy bears.

24 of 154 comments (clear)

  1. Re:Foots by K.+S.+Kyosuke · · Score: 2, Funny

    Why go to extremes (ears, feet) when you can follow the golden middle road? Oh, wait...

    --
    Ezekiel 23:20
  2. Gummy bear in my ear! by Anonymous Coward · · Score: 3, Funny

    It won't come out! STICKY!!! Thanks timothy.

    1. Re:Gummy bear in my ear! by Red+Flayer · · Score: 5, Informative

      It won't come out! STICKY!!! Thanks timothy.

      Use a straightened fishhook, the barb will make the gummy bear easy to remove. Just be sure to wait until the gummy bear is warm and soft. And insert the hook very gently. And stick the hook through a cork first, to limit the depth it can penetrate -- measure by sticking the hook into the ear until it hits the gummy bear, then add 1/4 inch (about 1/2 cm). THIS IS VERY IMPORTANT. The length of hook sticking out of the cork should be distance to gummy bear in ear canal + 1/4 inch.

      If the hook pulls out of the gummy bear, put a piece of ice in the ear, wait until it melts, then try again.

      Or so I've heard (muffled, of course).

      --
      "Trolls they were, but filled with the evil will of their master: a fell race..." -- J.R.R. Tolkien on Olog-hai
  3. Biometrics are great by flaming+error · · Score: 4, Insightful

    ... when used as identification rather than authentication.

    1. Re:Biometrics are great by Whalou · · Score: 2, Insightful

      Because if someone cuts off your head, they end up with your 'unique ear click pattern'. The technet article talks about a case where thieves cut someone's finger to steal his biometrically 'protected' car.

      --
      English is not this .sig mother tongue...
    2. Re:Biometrics are great by flaming+error · · Score: 4, Insightful

      > Biometrics are useless as identification since, as we have seen, they are easily spoofed.
      You're exactly missing the point - any self-respecting system must expect fraudulent impersonation.

      We can all present ourselves to Slashdot as Cmdr Taco, but come password time most of us would be thwarted. If the password went away in favor of a fingerprint (or earprint), as soon as somebody lifts it and posts it, we can all be Cmdr Taco. Until he changes his fingerprints.

      But if his fingerprints were just a substitute nickname/login id, even after they are posted online we'd still have to crack the secret to convince the system we're the real enchilada.

    3. Re:Biometrics are great by Znork · · Score: 2, Insightful

      Because while most biometrics provide a specific identity with at least some kind of reliability, they do not prove that the person wanting to get authenticated as being that identity actually _is_ that identity.

      See, you may be the only person in the world whose ear makes that specific click pattern. But anyone in the world can carry a device that makes that exact click pattern as well.

      Same with fingerprints or DNA; it's your DNA, it most often can't be confused with anyone elses DNA, but you leave it everywhere and anyone can present it for inspection. Same with fingerprints. They describe you, but they're not a secret only you know.

      PIN codes and passwords are better for authentication, as hopefully you don't leave them around on everything you touch. They can also be varied between different systems, so if one is compromised it doesn't mean they're all compromised. When someone copies your biometrics they know it'll be the same everywhere, you can't revoke it you can't change it, and to anyone who thinks identity and authentication is the same thing, the person carrying your means of identification will essentially be you.

    4. Re:Biometrics are great by relguj9 · · Score: 2, Informative

      Meh, that's why biometrics are good for multifactor authentication.

      It just makes it that much harder. You have to have a fake eyeball, fake fingerprint, fake testacles and his password.

      In most cases, I think they are overly complicated for identification. I'm sure there are some places where they are good though.

  4. ear wax by greg_barton · · Score: 3, Funny

    me + ear wax == suspected terrorist?

  5. Re: by DomNF15 · · Score: 3, Funny

    You're right, no faking with gummy bears - duplicating the ear-generated sounds will require slightly more sophisticated tape recorder technology...

  6. FFS. by fuzzyfuzzyfungus · · Score: 5, Insightful

    So, let me get this straight:

    We are poised to make the same idiotic "Hey guys! Let's use biometrics for authentication!" mistake that we've made all the other times.

    So, you can test the structure of somebody's ear by clicking at it and recording the result. Does this mean that you can infer the structure of someone's ear just by clicking at them and recording the result, thus allowing you to, with a dash of DSP, fake their ear structure on future tests? I'd want to be Very sure that that wasn't possible. A system where you can get somebody's Super Secret Biometric Secure Security ID just by calling them up and making funny noises would be even worse than the issues with fingerprints as authentication methods.

    1. Re:FFS. by swilver · · Score: 2, Insightful

      Even if you can't infer it... I could call the bank, while at the same time calling you. If I relay their beeps and resulting sounds fast enough it might just work.

  7. A series of clicks you say... by hack++slash · · Score: 3, Funny

    *ring* *ring*
    "Hello?"
    *click* *clickclickclick* *click* *clickclick* *click*
    "What was that Flipper? Timmy's trapped on a raft and floating out to sea?"
    "But what's that got to do with my bank balance?"

    --
    To do something right, you often have to roll up your sleeves and get busy.
    1. Re:A series of clicks you say... by Kozz · · Score: 2, Funny

      "Hello?"

      "There are three flowers in a vase. The third one is green."

      --
      I only post comments when someone on the internet is wrong.
  8. Wow, body acronyms by ratnerstar · · Score: 3, Insightful

    What's up with "IRIS" in all CAPS? I see this pretty regularly. But iris isn't an acronym, it's just a part of your body. I guess "IRIS recognition" sounds more James Bond-y than plain old "iris recognition."

    --
    Just because you sold your soul to the devil that needn't make you a teetotaler. --The Devil and Daniel Webster
  9. Re:why do we want this? by Nursie · · Score: 3, Informative

    It does seem an odd one.

    There is a unit at Southampton ECS that investigates a lot of these things. When I was there they were interested in gait recognition, though from the people linked from the page there it seems like this is more in the realm of the electronics side than the computer vision side.

    Even TFS gives a use for it - verify that the person on the other end of the phone is who they say they are. Though I'd be surprised if standard phones would give enough resolution to be able to accurately gauge the biometric. If it even is a useful or reliable biometric.

  10. Re:why do we want this? by PolygamousRanchKid+ · · Score: 4, Funny

    When I was there they were interested in gait recognition,

    "Ah, Mr. John Cleese! Our system has recognized your Silly Walk. Your transaction may proceed.

    --
    Schroedinger's Brexit: The UK is both in and out of the EU at the same time!
  11. urine analysis by MooseTick · · Score: 5, Funny

    I would prefer a urine analysis test to this. I have to pee all the time and the ability to pee right at my wortstation would be welcome. My screensaver kicks in every 15 minutes though so it would keep me healthy by forcing me to drink my 8 glasses of water per day so I could stay logged in.

    --
    Ninjas don't carry tic tacs
  12. Mod parent up! by Anonymous Coward · · Score: 2

    Truly the most informative thing I've read this week.

    1. Re:Mod parent up! by RichardJenkins · · Score: 3, Funny

      And the most useful thing I've read on /. in years!

  13. Diablo by baKanale · · Score: 3, Funny

    Sweet! Now I can put all those ears I collected in Diablo to good use!

  14. Re:why do we want this? by geobeck · · Score: 2, Interesting

    Anyone in a position to become suspicious at said checkpoint probably won't wait to examine the plumbing before deciding the disembodied human hand is...suspicious...a bit.

    ...or notice that one of the guy's arms is substantially longer than the other.

    I think that this is where a lot of the potential exploits fall down. Spy movies always show someone using a severed finger or plucked eyeball getting into a secure area that is never manned by an actual guard.

    At the port where I work, the perimeter gates are manned 24/7, and any high-security areas that are not manned by security are in high-traffic areas and monitored by 24-hour video surveillance.

    Could an unauthorized person get onto the terminal? Possibly. Could they do it undetected? Not very likely.

    A common theme in this discussion is that biometrics shouldn't be used for authorization. If the intent is to use them alone, I agree. But there's nothing wrong with using them as part of a multi-level security plan.

    --
    Find environmentally and socially responsible products on http://buy-right.net
  15. Telephone: speaker != mic by blackfrancis75 · · Score: 2, Interesting

    I haven't read TFA, but how can this work? If they produce the clicks into the user's ear (telephone speaker) then how will they pick up the reverberations in the telephone reciever?
    Surely unless they're loud enough to cause discomfort, the echos wouldn't travel far enough to be picked up at the phone mic?

  16. The ear grows your entire life by Sark666 · · Score: 2, Insightful

    Wouldn't that change the sound?