According to a recent study by researchers of Binghamton University in New York, brainwaves could be the alternative to passwords. The way human brains respond to certain words is unique to individuals, and this “brainprint” could be used to identify individuals, thereby removing the need for passwords.
The study, led by Dr. Sarah Laszlo, is published in the journal Neurocomputing and employed 45 volunteers. The participants were required to read a list of 75 acronyms such as FBI, DVD, etc. Researchers used 3 electrodes on the scalps of participants to record electrode potential or “brain waves” with the help of an electroencephalogram or EEG. The researchers noted the brain’s reaction to each group of letters, specifically focusing on the areas of the brain that are involved in reading and recognizing words. The data collected over many repetitions, averages the output, and generates an ERP or “event-related potential” for each individual’s acronym recognition.
The results of the study show that:
- Participants’ brains reacted differently to each acronym.
- The brain reactions or brainprints were unique enough that a computer could identify a person with 82-97% accuracy.
- The brainprint was stable over a period of time, as the identification of the individuals was accurate even after a lag of 6 months.
The advantages of brainprint are many, as Dr. Laszlo said to Binghamton University news. "If someone's fingerprint is stolen, that person can't just grow a new finger to replace the compromised fingerprint — the fingerprint for that person is compromised forever. Fingerprints are ‘non-cancellable.’ Brainprints, on the other hand, are potentially cancellable. So, in the unlikely event that attackers were actually able to steal a brainprint from an authorized user, the authorized user could then ‘reset’ their brainprint," Laszlo said.
Because of its inherent complications in using electrodes on the scalp, it appears that the applicability of this technology will be limited for the time being. Dr. Zhanpeng Jin, an associate professor at Binghamton University and a co-author in the article, says “We tend to see the applications of this system as being more along the lines of high-security physical locations, like the Pentagon or Air Force Labs, where there aren't that many users that are authorized to enter, and those users don't need to constantly be authorizing the way that a consumer might need to authorize into their phone or computer."
Written by Mangala Sarkar Ph.D.