Pentagon to trial behavioral identifiers on smartphones as Common Access Card replacement
The U.S. Department of Defense (DoD) is funding a project to develop an identity verification method based on the capture of behavioral biometrics by a smartphone, which could be available in commercial devices within two years, Nextgov reports.
The software would be embedded in smartphone hardware as a native capability, and measure characteristics such as hand pressure, wrist tension, and walking gait to generate a risk score, according to Defense Information Systems Agency (DISA) Technical Director Steve Wallace. It will also use GPS to analyze the device-holder’s recent movements, with major anomalies affecting the person’s risk score.
The technology is being developed to replace the DoD’s Common Access Card (CAC). A DoD representative said in late 2017 that the department was on the verge of biometric breakthroughs that could be used for access control.
An unnamed private company is working with DISA on the project, and will deliver about 75 prototypes this fall, according to Nextgov, and Wallace said he expects the capability to become available “in the vast majority of mobile devices.” The decision to use behavioral identifiers rather than traditional biometrics was made because DISA judged existing commercial biometric applications too easy to spoof, though Wallace noted that the DoD may reconsider this position as the technology improves.
Information has been slowly reaching the public about DISA work developing mobile identifiers such as “life patterns” and gait recognition to replace the CAC. Those reports have also suggested that the identifiers would be used in combination to generate trust scores, and that they could be made commercially available.