The digital passwords of tomorrow will be based on the unique characteristics of human beings. This approach will both help to meet the need for data security and improve the user experience.
Few would disagree that people have an annoying tendency to get in a complete muddle with all their different passwords. Nowadays so many websites – including social networks, client accounts, online banking, etc – demand proof of identity before granting access and the general desire to make access as secure as possible means that password requirements are more demanding – alphanumeric characters with a combination of capital and small letters. And those who dare to use the same password for several different purposes had better watch out. Hackers are never far away, so you really ought to cover your tracks and make life difficult for them by using a range of different access keys.
In the future, identification will be based mainly on biometric data: retina, brain waves and vein patterns
Today we are heading inexorably towards widespread digitisation of services. It therefore seems obvious that we need a way of authenticating and locking our personal data via passwords. And if it is hard to remember five passwords, especially we only use some of them very rarely, how will we be able to cope with dozens of different passwords?
The good news is that researchers and companies are working to come up with more reliable and more user-friendly alternatives. To do so they are looking both at human intelligence and at the unique features of human beings.
Biowatch: recognition through vein patterns
Recently, data from the heart and brain have shown definite potential when it comes to securing sensitive information. For instance, Canadian startup Bionym uses the human heartbeat, or more precisely the time-lapse between heartbeats, to identity people. Brain waves emitted when we read a particular word or sentence are yet another promising approach to rethinking passwords.
Swiss startup Biowatch was a finalist at the Hello Tomorrow Challenge event which took place in Paris in late June. This company is taking a really novel approach to the password issue: recognition of vein patterns, a concept that was patented in 1984. The system records and stores your wrist vein pattern in the wristband of your connected watch. Every time you need to prove your identity you simply push the button. If your vein pattern matches the stored references, you will be granted access. ‟Unlike fingerprints, your vein pattern is hidden beneath your skin, so it’s very difficult to forge!” points out Biowatch co-founder Matthias Vanoni.
Biowatch started out by developing technology for use with connected watches, but this is only the beginning. ‟These days the incumbent players in the luxury watches sector are looking to provide connectivity so we’re taking this opportunity to offer a solution that meets this need. But we’re also developing partnerships with specialists in access control – connected entry doors to hotels, access badges for buildings, car-locking systems, and so on,” reveals Vanoni. There are a huge number of areas to be explored for 2.0 authentication, ‟with a potential market of hundreds of users,” he underlines.
Exploiting the infinite potential of human memory and body
It seems likely that the passwords of tomorrow will be closely bound up with personal human features. For several years now, more and more companies have been working on voice and facial recognition. KeyLemon, a start-up on which L'Atelier reported in 2009, has continued to win over the sceptics in its work to develop man-machine interaction for authentication purposes. Meanwhile, at the Consumer Electronic Show (CES) in Las Vegas in January this year, Intel announced it was launching True Key, a secure identification system based on facial recognition.
Another route to personal security is image association, along the lines of the GeoGraphical solution. Based on research carried out by Ziyad S. Al-Salloum, the founder of ZSS, a cyber-security specialist, the GeoGraphical system enables users to create highly personal passwords by combining visual images that mean something special to them.
Meanwhile researchers at Rutgers University in the United States have been working with the Max Planck Institute in Germany and the University of Helsinki to design a system using free-form lines and squiggles as passwords, as these have some significant advantages when it comes to security.