What if you didn't have to keep remembering passwords — and instead they were literally inside your head?
That's the gist behind new cutting-edge research that explores doing things such as watching how your brain responds to celebrity pictures or listening to sounds echoing around your skull to prove your identity.
Researchers at Binghamton University in New York conducted a study in which some 50 participants were monitored via headgear fitted with 30 brain sensors while 500 images of things, such as celebrities, food and unusual words, flashed in front of them on a screen for less than a second each. The sensors captured how their brains automatically reacted to the pictures — and from that data, the researchers were able to figure out how to identify a person with 100 percent accuracy while using just 27 image responses collected from a handful of sensors.
Study co-author Sarah Laszlo told Ars Technica that she imagined the process might make sense for some high-stakes scenarios, such as controlling access to classified information at the Pentagon.
Another study that hopes to use your head to improve security is one carried out by a team of German researchers who looked at skull echos. The idea is basically to use bone conduction speakers and microphones to listen for tiny differences in how sounds bounce around inside people's skulls. The researchers reported a 97 percent identification rate but ran tests with only 10 participants. The study tested the technique with Google Glass, and the researchers suggest it might be viable to secure other types of head-mounted computers in the future.
These studies represent initial research that is a long way away from helping you sign into your online banking account. But they also highlight the push to figure out new alternatives to the traditional password, two-factor authentication and fingerprint scan to prove who you are.
The old standby — the typed password — isn't working out so great. Passwords are practically impossible to escape and can be a pain to keep track of without falling victim to poor digital hygiene, such as password reuse. Most major companies now offer two-factor authentication, which requires an extra verification step that often works by having users enter a code that's delivered to their phone.
And fingerprint scans have also been on the rise. The latest iPhones have it built in as Touch ID, and some secure workplaces use similar tech to verify employees' identities. Unlike with passwords, you can't really forget your fingerprints. But they're also practically impossible to change if the fingerprint data is compromised, as happened to millions of people caught up in the Office of Management and Budget breach revealed last year.
And it might not even take a hack to expose them: After all, you leave fingerprints on a lot of things you touch — and some researchers have even demonstrated ways to spoof them from high-resolution photos.
Looking inside people's heads for the future of biometric identification at least may help avoid part of that last problem: Given the state of technology now, you'd probably notice if someone was trying to measure your brain waves or listen to your skull for echos.