Your brain can't hide
Your responses to certain stimuli — foods, celebrities, words — might seem trivial, but they say a lot about you. In fact (with the proper clearance), these responses could gain you access into restricted areas of the Pentagon.
A team of researchers at Binghamton University, led by Assistant Professor of Psychology Sarah Laszlo and Assistant Professor of Electrical and Computer Engineering Zhanpeng Jin, recorded the brain activity of 50 people wearing an electroencephalogram headset while they looked at a series of 500 images designed specifically to elicit unique responses from person to person — eg, a slice of pizza, a boat, Anne Hathaway, the word “conundrum”.
They found that participants’ brains reacted differently to each image, enough that a computer system was able to identify each volunteer’s ‘brainprint’ with 100% accuracy.
“When you take hundreds of these images, where every person is going to feel differently about each individual one, then you can be really accurate in identifying which person it was who looked at them just by their brain activity,” said Laszlo.
In their original study, titled ‘Brainprint’, published in 2015 in Neurocomputing, the research team was able to identify one person out of a group of 32 by that person’s responses, with only 97% accuracy, and that study only incorporated words, not images.
“It’s a big deal going from 97 to 100% because we imagine the applications for this technology being for high-security situations, like ensuring the person going into the Pentagon or the nuclear launch bay is the right person,” said Laszlo.
“You don’t want to be 97% accurate for that, you want to be 100% accurate.”
According to Laszlo, brain biometrics are appealing because they are cancellable and cannot be stolen by malicious means the way a finger or retina can. The results suggest that brainwaves could be used by security systems to verify a person’s identity.
“If someone’s fingerprint is stolen, that person can’t just grow a new finger to replace the compromised fingerprint — the fingerprint for that person is compromised forever. Fingerprints are ‘non-cancellable’. Brainprints, on the other hand, are potentially cancellable.
So, in the unlikely event that attackers were actually able to steal a brainprint from an authorised user, the authorised user could then ‘reset’ their brainprint,” Laszlo said.
Zhanpeng Jin, assistant professor at Binghamton University’s departments of Electrical and Computer Engineering, and Biomedical Engineering, doesn’t see this as the kind of system that would be mass-produced for low security applications (at least in the near future) but it could have important security applications.
“We tend to see the applications of this system as being more along the lines of high-security physical locations, like the Pentagon or Air Force Labs, where there aren’t that many users that are authorised to enter, and those users don’t need to constantly be authorising the way that a consumer might need to authorise into their phone or computer,” Jin said.
The study, CEREBRE: A Novel Method for Very High Accuracy Event-Related Potential Biometric Identification, was published in The IEEE Transactions on Information Forensics and Security.
Is the Australian tech skills gap a myth?
As Australia navigates this shift towards a skills-based economy, addressing the learning gap...
How 'pre-mortem' analysis can support successful IT deployments
As IT projects become more complex, the adoption of pre-mortem analysis should be a standard...
The key to navigating the data privacy dilemma
Feeding personal and sensitive consumer data into AI models presents a privacy challenge.