New VibWrite System Uses Finger Vibrations To Authenticate Users

An anonymous reader quotes a report from Bleeping Computer: Rutgers engineers have created a new authentication system called VibWrite. The system relies on placing an inexpensive vibration motor and receiver on a solid surface, such as wood, metal, plastic, glass, etc.. The motor sends vibrations to the receiver. When the user touches the surface with one of his fingers, the vibration waves are modified to create a unique signature per user and per finger. Rutgers researchers say that VibWrite is more secure when users are asked to draw a pattern or enter a code on a PIN pad drawn on the solid surface. This also generates a unique fingerprint, but far more complex than just touching the surface with one finger. During two tests, VibWrite verified users with a 95% accuracy and a 3% false positive rate. The only problem researchers encountered in the live trials was that some users had to draw the pattern or enter the PIN number several times before they passed the VibWrite authentication test. Besides improvements to the accuracy with which VibWrite can detect finger vibrations, researchers also plan to look into how VibWrite will behave in outdoor environments to account for varying temperatures, humidity, winds, wetness, dust, dirt, and other conditions. This new novel user authentication system is described in full in a research paper entitled "VibWrite: Towards Finger-input Authentication on Ubiquitous Surfaces via Physical Vibration."

Vibrator Login

[Zorro]

I hear it has a good buzz from the users.

Why are they so stupid?

[140Mandak262Jamuna]

The problem is not finding something unique about someone. That is not the only purpose of authentication. The purpose is to prevent third parties from faking it.

No matter what it is, fingerprints, voice prints, retinal scans, finger vibrations, deep alpha waves of the brain, characteristic whorls in your scalp, the unique biota of bacteria living in your colon... it does not matter what it is. It gets digitized and gets transmitted. If the digitized data is compromised, then there is no way for the user to change these things. They make particularly bad authentication tokens. Governments and spy agencies would love such unalterable tags on people. But it does not solve the problem of authentication.

What we need is a true two factor authentication. Something I have physically. Something I can change if it is compromised. I use an RSA id key fob I have to login to Schwab. If they discover a flaw, and the randmoizer seed was hard wired, something leaked, some employee was bribed to sell some key info about it to random criminals... We can change the key fob. How am I going to change my fingerprint or voice print or thumb vibrations, if that authentication mechanism was compromised?

Re:Ahahahahahaha

[sexconker]

"Tolerant" is the last word I'd use to describe the current crop of youths.

And when you cut your finger...

[sconeu]

You cut your finger, put on a band-aid, and you are locked out of your account.