Slashdot Mirror

← Back to Stories (view on slashdot.org)

Passthoughts, Not Passwords: Authentication Via Brainwaves

Posted by samzenpus on from the get-your-thinking-straight dept.

CowboyRobot writes "A new study by researchers from the U.C. Berkeley School of Information examined the brainwave signals of individuals performing specific actions to see if they can be consistently matched to the right individual. To measure the subjects' brainwaves, the team utilized the NeuroSky Mindset, a Bluetooth headset that records Electroencephalographic (EEG) activity. In the end, the team was able to match the brainwave signals with 99% accuracy (pdf). 'We are not trying to trace back from a brainwave signal to a specific person,' explains Prof. John Chuang, who led the team. 'That would be a much more difficult problem. Rather, our task is to determine if a presented brainwave signal matches the brainwave signals previously submitted by the user when they were setting up their pass-thought.'"

3 of 104 comments (clear)

  1. Re:Talk about forgetting your password! by ByOhTek · · Score: 3, Interesting

    Since when is "works correctly 99% of the time" good enough for an authentication system?

    And how often do you mistype your password? I doubt many get their password right even 90% of the time unless they have rather bad passwords.

    Also, there's false positive vs. false negative. False negatives aren't so bad (especially at 1%, when retries are possible). False positives are what are really of concern.

    --
    Self proclaimed typo king, and inventor of the bear destroying coffee table (patent not pending).
  2. Re:Talk about forgetting your password! by jouassou · · Score: 4, Interesting

    Since when is "works correctly 99% of the time" good enough for an authentication system?

    It isn't. But it is an interesting proof-of-concept, which shows that using passthoughts as identification is actually possible.

    One interesting thought would be to combine passthoughts with other authentication technologies. Imagine walking up to a door that first performs face recognition and retina scans to determine who you appear to be. The system then accesses a database of passphrases associated with your user, displays a random one on a screen, and asks you to read it out loud. The system then uses a combination of voice recognition and brainwave scans to check if you're really who you appear to be.

    Although all these technologies currently have suboptimal success rates, they might yield good security if you combine them.

  3. Re:Escalator to hell by Errol+backfiring · · Score: 3, Interesting

    But it might be quite easy with a live head. If you can intercept the signal, you can reproduce it. And intercepting a bluetooth signal should not be that hard. The problem is that it takes some "middle man hardware" to get the brainwaves into the computer. And middlemen can be a lot easier to fake. It is a bit like voice recognition: the voice may be personal and unique (or personal and unique enough), but recording a voice and playing it back is dead easy.

    --
    Nae king! Nae laird! Nae yurrupiean pressedent! We willna be fooled again!