Aerendir suggests biometric brain-computer interfaces to tackle mobile authentication risks
The Aerendir Mobile team spoke on CNBC’s Advancements program earlier this month, describing the company’s efforts to replace traditional authentication methods with biometrics powered by brain computer interfaces (BCIs).
According to Doron Drusinsky, Aerendir’s Chief Scientific Officer, the main problem with traditional mobile authentication is a typical Catch-22 issue.
“The person using the phone is the one that owns the phone and that’s where our company actually comes in.”
Aerendir uses the proprietary Touch Technology, to extract a unique proprioceptive signature, called the NeuroPrint, from micro-vibrational patterns in the user’s hands.
NeuroPrint can be detected by a variety of sensors, including smartphones’ accelerometers and gyroscopes.
“This allows us to translate the body into a password that’s akin to one million characters, which is very very unbreakable,” said Martin Zizi, Aerendir CEO.
“The artificial intelligence of Aerendir doesn’t need the cloud for computation or modernization, and [since] there is no transfer from a device to it from the cloud, there is no risk of data theft.”
According to the CEO, Aerendir does not even use a database, thus preventing the risk of a systemic data breach.
Traditionally, in order to read neuromuscular activity electrodes, scanners, or implants are needed.
Aerendir bypasses the need for this expensive equipment by capturing this information utilizing sensors present in common smartphone and tablet devices,
“This information is representative of your brain state,” Nick Sullivan, head machine learning engineer said on the program. “If you look deep into the micro vibrational patterns that we capture, you can find unique features that identify a person.”
This allows someone to be authenticated based just on their physiology.
“We can identify information, such as liveliness, age, gender, even blood sugar level, or other neurological changes,” Sullivan added.
Despite gathering all this biometric data, however, Aerendir claims the company’s technology is particularly protective of users’ privacy, unlike other biometric identification methods, like face recognition.
“[Those] systems collect a lot of highly sensitive data, explained Luke Stork, lead scientist at Aerendir. “And unfortunately, most companies store this data in the cloud, leaving it vulnerable to attackers.”
Moreover, Stork warns, many of these systems are subject to presentation attacks and can be spoofed using simple things like someone’s Facebook profile picture.
“We’re looking at physiological signals which are based on essential functions of the human body like neuromuscular tremor,” the scientists said. “Using these signals, we can restore trust to an online environment by telling if someone is a human or bot.”
According to Stork, the current method of telling if someone is alive or a bot via CAPTCHAs has gotten gradually more difficult over time, becoming a friction point for users online.
“We want to break out of this cat and mouse model but using human physiology, so we can ensure that ads are shown to real humans and identify key demographics, without linking it [back] to someone’s personally identifiable information.
“So for example, we can know someone’s age, without linking it back to their Facebook profile.”