Slashdot Mirror

← Back to Stories (view on slashdot.org)

New VibWrite System Uses Finger Vibrations To Authenticate Users (bleepingcomputer.com)

Posted by BeauHD on from the smooth-vibrations dept.

An anonymous reader quotes a report from Bleeping Computer: Rutgers engineers have created a new authentication system called VibWrite. The system relies on placing an inexpensive vibration motor and receiver on a solid surface, such as wood, metal, plastic, glass, etc.. The motor sends vibrations to the receiver. When the user touches the surface with one of his fingers, the vibration waves are modified to create a unique signature per user and per finger. Rutgers researchers say that VibWrite is more secure when users are asked to draw a pattern or enter a code on a PIN pad drawn on the solid surface. This also generates a unique fingerprint, but far more complex than just touching the surface with one finger. During two tests, VibWrite verified users with a 95% accuracy and a 3% false positive rate. The only problem researchers encountered in the live trials was that some users had to draw the pattern or enter the PIN number several times before they passed the VibWrite authentication test. Besides improvements to the accuracy with which VibWrite can detect finger vibrations, researchers also plan to look into how VibWrite will behave in outdoor environments to account for varying temperatures, humidity, winds, wetness, dust, dirt, and other conditions. This new novel user authentication system is described in full in a research paper entitled "VibWrite: Towards Finger-input Authentication on Ubiquitous Surfaces via Physical Vibration."

24 of 44 comments (clear)

  1. Ahahahahahaha by Anonymous Coward · · Score: 1

    Mine changes with every cup of coffee!

    Good luck with this!

    1. Re:Ahahahahahaha by Anonymous Coward · · Score: 1

      What problem is this supposed to solve?

    2. Re:Ahahahahahaha by sexconker · · Score: 2

      "Tolerant" is the last word I'd use to describe the current crop of youths.

    3. Re:Ahahahahahaha by Shogun37 · · Score: 1

      The "You are not spending enough money on pointless solution problem." That way, our corporate overlords can sell us a "security solution" at the front door, and any one with enough money can rent the bypass out the back. Mo Money, Mo Money!

    4. Re:Ahahahahahaha by mwvdlee · · Score: 1

      "Tolerant" has come to mean "Make a slightly negative comment about anybody and I will fucking torture you to death".

      --
      Slashdot social media options: AIM, ICQ, Yahoo, Jabber and Mobile Text. Why no MySpace?
    5. Re:Ahahahahahaha by Neuronwelder · · Score: 1

      umm.. more ways to use vibrators??

    6. Re: Ahahahahahaha by sexconker · · Score: 1

      That's for sure, they threaten violence when i did was ask for pineapple on my pizza...

      You're disgusting.

  2. Vibrator Login by Zorro · · Score: 2

    I hear it has a good buzz from the users.

  3. Why are they so stupid? by 140Mandak262Jamuna · · Score: 3, Insightful
    The problem is not finding something unique about someone. That is not the only purpose of authentication. The purpose is to prevent third parties from faking it.

    No matter what it is, fingerprints, voice prints, retinal scans, finger vibrations, deep alpha waves of the brain, characteristic whorls in your scalp, the unique biota of bacteria living in your colon... it does not matter what it is. It gets digitized and gets transmitted. If the digitized data is compromised, then there is no way for the user to change these things. They make particularly bad authentication tokens. Governments and spy agencies would love such unalterable tags on people. But it does not solve the problem of authentication.

    What we need is a true two factor authentication. Something I have physically. Something I can change if it is compromised. I use an RSA id key fob I have to login to Schwab. If they discover a flaw, and the randmoizer seed was hard wired, something leaked, some employee was bribed to sell some key info about it to random criminals... We can change the key fob. How am I going to change my fingerprint or voice print or thumb vibrations, if that authentication mechanism was compromised?

    --
    sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
    1. Re:Why are they so stupid? by sheramil · · Score: 1

      The problem is not finding something unique about someone. That is not the only purpose of authentication. The purpose is to prevent third parties from faking it.

      I just wish they'd stop basing these systems on body parts that can easily be removed. It's like they're encouraging people with bolt cutters.

    2. Re:Why are they so stupid? by Calydor · · Score: 1

      At least the summary sounds like your finger is supposed to stay attached to you in order to work. That's better than MANY of the early versions!

      --
      -=This sig has nothing to do with my comment. Move along now=-
    3. Re:Why are they so stupid? by mwvdlee · · Score: 1

      You'd like it to be based on body parts which are harder to remove?

      --
      Slashdot social media options: AIM, ICQ, Yahoo, Jabber and Mobile Text. Why no MySpace?
  4. what about reader to reader differences by Joe_Dragon · · Score: 1

    what about reader to reader differences?

    some installs may not be down the same MM spacing.

    how often does it need calibration?

    1. Re:what about reader to reader differences by Aighearach · · Score: 1

      While this device seems like a horrible idea, for your concerns I would say it is probably very similar to fingerprint scanning.

  5. my voice is my passport verify me by Joe_Dragon · · Score: 1

    my voice is my passport verify me

  6. And when you cut your finger... by sconeu · · Score: 2

    You cut your finger, put on a band-aid, and you are locked out of your account.

    --
    General Relativity: Space-time tells matter where to go; Matter tells space-time what shape to be.
    1. Re:And when you cut your finger... by ichthus · · Score: 1

      .. Or gain weight, lose weight, ...

      --
      sig: sauer
    2. Re:And when you cut your finger... by Calydor · · Score: 1

      Or get the flu with accompanying shakes. Bye-bye access to your movie library while you're in bed!

      --
      -=This sig has nothing to do with my comment. Move along now=-
  7. Re:Michael J Fox by fredrated · · Score: 1

    This is hell.

  8. 3% false positive rate?! by ConceptJunkie · · Score: 1

    A 3% false positive rate is supposed to be meaningful? That means that 1 out of 33 people who try to login to something they are not authorized for will get in? How is this meaningful in any way? That number needs to decrease by several orders of magnitude before this wacky kludge of an idea should even be considered.

    Do you know how many false positives you get from a password? Exactly the odds of someone typing your password in by random, or by guessing. If you pick a reasonable password, that figure will be astronomically small.

    This device sounds to me like it hasn't even passed the proof-of-concept stage yet.

    --
    You are in a maze of twisty little passages, all alike.
  9. So... by nospam007 · · Score: 1

    they want us to give them the finger?
    No problem.

  10. Re:too many false positives and negatives by mwvdlee · · Score: 1

    "some users had to draw the pattern or enter the PIN number several times"

    Which won't cause security guards to become suspicious of you at all.

    --
    Slashdot social media options: AIM, ICQ, Yahoo, Jabber and Mobile Text. Why no MySpace?
  11. Re:Biometrics encourage state murder by ConceptJunkie · · Score: 1

    Every spook agency can help itself to your phone if it can just pry open an eyelid on your corpse to open it.

    Yeah, I have visions of Wesley Snipes with a scalpel.

    --
    You are in a maze of twisty little passages, all alike.
  12. Re:95% success rate is pure failure by barbariccow · · Score: 1

    No, that's .95^3 = 85.7% chance of success, or 14.3% chance of failure (i.e. compromise)