Pass-thoughts can replace passwords

Pass-thoughts: Security of the Future

From combination codes, to passwords and keypads, technology has come a long way in providing user-friendly services to consumers. Now, imagine having to simply think of your password instead of typing it to get access. That, my friends, is called pass-thoughts, and is going to be the future of logging in to your accounts!
Researchers from the UC Berkeley School of Information

"We find that brainwave signals, even those collected using low-cost non-intrusive EEG sensors in everyday settings, can be used to authenticate users with high degrees of accuracy."

Even though we have come across many real and fictional biometric possibilities as a means of making our security systems fail-safe, many of the existing techniques have failed to impress. The reason being, fingerprint scans, voice recognition, and retina scans, are cumbersome, slow, and a luxury that not everyone can afford.

Now how about pass-thoughts? What is this concept in the first place? And how does it exactly work? Let's see...

Pass-thoughts: The Concept

A recent research by the The Berkeley School of Information, University of California, has revealed that it might be possible for us to access our accounts by simply thinking of our passwords instead of typing them. Electroencephalograms (EEGs) or brainwave computer authentication shall help you access the accounts by collecting the data we imagine in our minds! The scope of converting passwords into pass-thoughts, by using relatively affordable biosensor technology, could well become our next virtual reality.

This extraordinary project was led by professor John Chuang, and his students Hamilton Nguyen, Charles Wang, and Benjamin Johnson. The findings of the research were presented at the Seventeenth International Conference on Financial Cryptography and Data Security, during the 2013 Workshop on Usable Security.

Research Using the NeuroSky MindSet Brainwave Sensor

The NeuroSky MindSet device consists of a single sensor that rests against the forehead, and was used for carrying out this research. This wireless headset looks similar to any normal Bluetooth, except that it has the added feature of EEG sensors which read the brainwave signals of the person wearing the headset. The team carried out experiments to assess whether the computer was able to distinguish between the brainwave patterns of different people, and whether the signal provided by the EEG channel was strong enough for producing a positive authentication. The team selected 15 volunteers to perform seven mental tasks, both individually and together, so that their brainwaves could be measured. These were the seven tasks:
  1. The participants were asked to visualize moving a finger up and down, while focusing on their breathing.
  2. Some were asked to respond to an audio tone, by focusing on a dot placed on a sheet of paper.
  3. They were told to make up a secret and focus on it for some time.
  4. They had to imagine replaying a specific motion from a sport of their choice.
  5. Some were asked to watch images on a screen, and count the objects of their chosen color.
  6. They were asked to imagine themselves singing a song they liked a lot.
  7. They had to focus on a specific thought for ten seconds.
The data collected from all the brainwaves sampled, provided sufficient information to authenticate each user from one another. The devices were able to read customized 'pass-thoughts', by reducing the error rate to less than 1%. They also found that the results gathered from individual tasks were more or less the same, as compared to the data gained from combined tasks.

The team also found that, more user-friendly tasks should be incorporated in order to make brainwave-based computer authentication successfully replace conventional passwords by pass-thoughts. The majority of the volunteers found the task of imagining to move a finger very boring. Many participants chose complicated thoughts that were hard to focus on, while others thought that imagining to perform a sports motion felt unnatural. On the other hand, picking their chosen colored objects from a series of slides, or imaging singing a song was comparatively more interesting.

The Concern

Even though this research may be a mere step towards brainwave authentication, the possibility of computers being able to recognize an individual by their specific task-oriented brainwaves seems more likely than ever before. However, unless a distinct brainwave is accepted by the computer, the current research raises some security concerns. Some have raised concerns that it would be easy to hack into someone's mind or Internet account, if the perpetrators knew the song imagined or object/color picked, or other tasks imagined by the owner of account.

Technology is an ever-evolving process, and time will tell as to how much the concept of pass-thoughts catches on as compared to passwords.
Advertisement