Ahh, biometrics. In the race to replace the password, that sadly inadequate Eeyore of the authentication world, is there any part of the body that hasn’t been poked at?
We’ve seen the rise (and fall… and fall again, via an even easier method) of fingerprints, iris recognition (which, like fingerprints, can be tricked with constructed copies), voices, faces, ears, your microbial entourage, and brainprints.
The latest biometric bit of the body to be tested for use in authentication: the skull.
Researchers at the Max Planck Institute for Informatics and the universities of Stuttgart and Saarland conducted a controlled study – with only 10 participants – of the way a sound bounces around a skull and reverberates back, using the bone conduction speaker and microphone integrated into an eyewear computer like Google Glass.
They’re calling the technology SkullConduct.
According to the team’s paper, each of us has a unique, and stable, frequency response when sound is conducted through our skulls.
The team sees a couple of potential applications for the authentication:
- Personalizing eyewear computers. We haven’t heard much on the Google Glass front since it was removed from the realm of the masses and plugged into Google’s Internet of Things department. But the researchers behind SkullConduct note that skull-hugging computers are increasingly being used for training in laboratories, medical documentation, educational purposes, or even during surgeries. In any of those areas, the devices may get swapped around regularly. When a device finds itself installed on a different skull, it could adapt accordingly, they said:
As soon as a user puts on the device, SkullConduct can immediately identify the user and configure user-specific settings, such as preferred applications or system preferences.
- Protecting private content. The researchers note that current head huggers lack protection for the private information they store, which can include social media logins or bank account details. The researchers propose that user authentication could automatically be triggered after a new user puts on a device. What’s more, SkullConduct could be programmed to re-authenticate when specific applications are started, such as a banking application, to ensure that a given user has permission to access such an app.
The researchers claim to have identified users with 97% accuracy and authenticated them with an error rate of 6.9%. That makes SkullConduct worthy as a secure way to identify and authenticate an eyewear computer user, they said.
They note that SkullConduct was tested in a controlled environment, without any background noise. Such noise – which might include people talking in the background, or appliances – might reduce performance.
Weight gain or hair growth might also mess things up.
Image of Human Skull courtesy of Shutterstock.com
Mike
It sounds to me like the stress of losing access to your devices might be a very bad thing for someone recovering from a head injury.
shanedk
“We’re sorry, we’ve discovered a security vulnerability in our eyewear product. We recommend that users change their skull as soon as possible.”
James
the researchers behind SkullConduct note that skull-hugging computers are increasingly being used … during surgeries
I’m sure the patient’s next of kin will appreciate that they were a part of the 6.9 percent error rate group.
jkwilborn
How could they get a 97% correct with 10 people? Wouldn’t that mean 9.7 people??? Even if you take the 9 people, it really means nothing… When they do this with 100’s of thousands then maybe they have something….
Paul Ducklin
I presume they mean that 97% of the time they tried to pick one out of the 10 people, they were right. (They didn’t just test against each person once :-)
But I share your opinion: underwhelmed. An error rate of 3% for authentication, from a sample set of 10 people…sounds pretty useless to me.