Future computers will identify users by thoughts, not passwords

questions: yes, yes, and (probably) yes.

The release notes that the team conducted a series of experiments to determine whether the single EEG channel provided high enough signal quality for accurate authentication. For authentication, the computer needs to be able to accurately and consistently distinguish your brainwave patterns from someone else’s.

By selecting customized tasks for each user and then customizing each user’s authentication thresholds, the team was able to reduce error rates to below 1 percent, comparable to the accuracy of more invasive multi-channel EEG signals.

Accuracy is not enough. however. If a system is a pain, people will refuse to use it, no matter how accurate it is. The new generation of brainwave readers are much more user-friendly than before, but the team also focused on finding mental tasks that are enjoyable to users.

Seven mental tasks
The researchers measured participants’ brainwaves while they performed seven different mental tasks. Users were asked to do two types of tasks: three where everyone performed the same task and four where users had individual secrets. For tasks of the first group, participants were asked to focus on their own breathing, imagine moving their finger up and down, or listen for an audio tone and then respond to the tone by focusing on a dot on a piece of paper.

In tasks where participants could choose a personalized secret, they were asked to imagine performing a repetitive motion from a sport of their choice (like swinging a golf club or kicking a ball), imagine singing a song of their choice, watch a series of on-screen images and silently count the objects that match a color of their choice, or choose their own thought and focus on that thought for ten seconds.

All seven of the tasks provided enough information to successfully authenticate the users. In fact, the personalized tasks weren’t significantly more accurate than the tasks where everyone did the same thing. The key to the success of a brainwave authentication system, then, is finding a mental task that users will not mind repeating on a daily basis. Researchers found that users would prefer to repeat tasks that are fairly easy but not too boring. Users’ favorite tasks included counting objects of a specific color, imagining singing a song of their choice, or simply focusing on their own breathing. Several users found it difficult to imagine performing an action from their favorite sport: they found it unnatural to imagine the movement of their muscles without actually moving them. Similarly, when asked to choose their own “pass-thought,” many users chose a thought that was complicated or difficult to repeat. Imagining moving a finger up and down was boring to the majority of participants.

Computer systems of the future
The release says that computers that recognize you by your brainwaves might seem like a futuristic fantasy, but these experimental results suggest that that future is more realistic than we might have suspected. “We find that brainwave signals, even those collected using low-cost non-intrusive EEG sensors in everyday settings, can be used to authenticate users with high degrees of accuracy,” the researchers conclude.

Rather than being limited to ultra high-end, high-security systems, brainwave-based authentication could end up being as cheap, accessible, and straightforward as thought itself.