Sign up to our newsletter
Sky News reports that the United States military is investing heavily in new identify verification techniques that could replace passwords and biometric solutions for security.
The deal – which Sky describes as a ‘multi-million dollar contract’ – will see researchers at West Point looking at ‘cognitive fingerprints’ rather than focussing on traditional biometric pointers, such as palm, facial, DNA or iris recognition.
These ‘cognitive fingerprints’ will be analyzed by algorithms attempting to establish identity by the manner in which people use desktop or mobile devices. Everything from ‘writing rhythm’ to how a a cursor is moved, to frequency of typos and words per minute will be considered. When taken together, these provide a surprisingly detailed profile of the user behind the hardware.
The contract document, seen by Sky News, describes the technology as follows: “Just as when you touch something with your finger you leave behind a fingerprint, when you interact with technology you do so in a pattern based on how your mind processes information, leaving behind a ‘cognitive fingerprint’. The biometrics program is creating a next generation biometric capability built from multiple stylometric/behavioral modalities using standard Department of Defense computer hardware.”
The Independent draws a parallel to stylometrics, currently deployed to search for plagiarism in university essays – software which examines text to see how it is written compared to other sources.
It is anticipated that if the technology proves reliable, that it can be used beyond the military, and become part of civilian activities, including banking, shopping and control of ‘internet of things’ style devices.
ZDNet notes that this kind of analysis is not a totally new concept. One recent example of predictive behavior is found in Google’s new reCAPTCHA product, which judges the likelihood of a visitor being a bot based on how the user ticks a box, and what the company knows about your behavior to date.
Author Alan Martin, ESET