DARPA wants behavior-based biometrics to replace passwords
The United States’ military mad-tech unit, better known as DARPA (the Defence Advanced Research Projects Agency) is building a behavior-based biometric identification system that it believes could one day replace traditional passwords.
DARPA apparently thinks that a behavior-based biometric system, which looks at how a computer user handles their mouse or crafts an email, would prove much harder to crack than traditional authentication techniques, which include such things as passwords and PIN codes, physical keys and conventional biometrics (like eye scans and fingerprints). As such, the agency has just awared a multimillion-dollar grant to researchers at the West Point academy, one of the US’s most prestigious military institutions.
The award comes under DARPA’s “active authentication” program, which seeks to replace traditional authentication techniques with something safer and more convenient to use. The money will be used by researchers to develop cognitive fingerprint algorithms that can learn and recognize behavioral patterns based on the way someone uses a mobile device or computer mouse. The idea is that each individual moves the cursor or swipes a mobile screen in a way that’s unique, and can therefore be positively identified when they do so.
The award document, which was seen by Sky News, gives an explanation of how the system would work:
“Just as when you touch something with your finger you leave behind a fingerprint, when you interact with technology you do so in a pattern based on how your mind processes information, leaving behind a ‘cognitive fingerprint.”
“The biometrics program is creating a next generation biometric capability built from multiple stylometric/behavioural modalities using standard Department of Defence computer hardware.”
DARPA is hoping that behavior-based biometrics can be developed and applied to encrypted data communications as a first step. But if the technology proves itself, the implications could go well beyond the US military, perhaps one day even replacing passwords and giving private organizations better protection from ‘phishing’ attacks that aim to steal user’s login credentials.
“If they’re effective, cognitive fingerprints could offer significant advantages over existing forms of authentication,” noted web consultant Mark Stockley on Sophos Naked Security’s blog. “Unlike biometrics they don’t require specialist hardware and unlike password authentication they don’t rely on users being good at something they’re naturally bad at.”
This isn’t the first time someone has thought of using behavioral patterns to identify users though. Last year, Google announced its reCAPTCHA project that aims to replace the old, annoying CAPTCHA authentication technique with a simple tick box. The system is smart enough to tell whether you’re a human or a bot based on which boxes you tick, together with the web browsing data Google already has on you.
Since you’re here …
Show your support for our mission by our 1-click subscribe to our YouTube Channel (below) — The more subscribers we have the more then YouTube’s algorithm promotes our content to users interested in #EnterpriseTech. Thank you.
Support Our Mission: >>>>>> SUBSCRIBE NOW >>>>>> to our Youtube Channel
… We’d like to tell you about our mission and how you can help us fulfill it. SiliconANGLE Media Inc.’s business model is based on the intrinsic value of the content, not advertising. Unlike many online publications, we don’t have a paywall or run banner advertising, because we want to keep our journalism open, without influence or the need to chase traffic.The journalism, reporting and commentary on SiliconANGLE — along with live, unscripted video from our Silicon Valley studio and globe-trotting video teams at theCUBE — take a lot of hard work, time and money. Keeping the quality high requires the support of sponsors who are aligned with our vision of ad-free journalism content.