Cognitive Fingerprints, the new frontier of authentication

DARPA is working on Cognitive Fingerprints authentication process to validate the user identity through the use of software based biometrics.

Security plays a crucial role in today’s world. Whether it is a multi-billion organization or a single person with a computer, security is important for all. One of the pillars for cyber security is the Authentication. People want an easy way to deal with authentication, but currently the only available technique is to remember and manage long cumbersome passwords.

Even this form of authentication is compromised now and then, because of the growing threat to the security domain as well as humans being the weakest link.

DARPA (Defense Advanced Research Projects Agency) has come up with an innovative approach to solve the difficulties faced during authentication with the help of a concept termed as Cognitive Fingerprints also called “Active Authentication.” This is a multi-million dollar contract to produce a new identity verification system based on users’ behavior.

“This program focuses on the behavioral traits that can be observed through how we interact with the world.  Just as when you touch something your finger you leave behind a fingerprint, when you interact with technology you do so in a pattern based on how your mind processes information, leaving behind a “cognitive fingerprint.“ reads a blog post on the “ACTIVE AUTHENTICATION” published by the DARPA. 

The logic behind this concept is to uniquely identify human patterns and use these parameters as the base for authentication. Fingerprints and retina scans are being used to authenticate the user but this technology demands setting up physical hardware which incurs huge costs.

 

DARPA’s vision is to eliminate these costs and, develop more robust and stable way of authentication. In our personal views this may completely replace the password-based authentication in near future. The project of “Cognitive Fingerprints” is divided into multiple phases, in a first phase the expert will focus their efforts into searching for biometrics that do not require the installation of additional hardware sensors, these could include how the user interacts with the machine or the way user uses the mouse or other system components. It may also include how user searches for some information, how user opens and reads documents or emails, and many more parameters.

“The first phase of the program will focus on researching biometrics that do not require the installation of additional hardware sensors, rather the program will look for research on biometrics that can be captured through the technology we already use looking for aspects of this “cognitive fingerprint”.

Subsequently, the experts from DARPA working on Cognitive Fingerprints will develop a solution to implement an authentication platform that implements the results of their research.

 “The later phases of the program will focus on developing a solution that integrates any available biometrics using a new authentication platform suitable for deployment on a standard Department of Defense desktop or laptop.” wrote the DARPA .

Cognitive Fingerprints have huge advantages as it will eliminate two crucial hurdles, the need of biometric based hardware and the need to remember complex long passwords.
In our personal view, this concept may face some hurdles as mentioned below. Though these are hypothetical issues but its worth to mention.

• Compromise – Passwords can be changed or modified, if compromised. What will be the solution to Cognitive Fingerprints if in case these are compromised or masqueraded. Though this seems hypothetical, but giving a thought to this will make it more secure.
• Behavioral Analysis – Robustness. The technology needs to be the most robust in tracking the behavior of a user. If it leads to false positives, then this active authentication technology may fail drastically.
• Behavioral Changes. According to DARPA, this technology will authenticate users based on its behavioral parameters but what will be the outcome if the behavioral patterns of the same user are changed in the due courses of time. The crucial question remains is “How will the cognitive fingerprints technology adapt itself to such changes?”

The Cognitive Fingerprints seems promising and will solve many problems of authentication to a much greater extent.

All are waiting to get a glance of this technology soon.

About the Author Shivang Desai

Shivang Desai is a security researcher and certified security professional from India. He likes to research on recent security threats and landscapes, and write about the researches to make people aware about security domain” Follow him on Twitter.

Edited by Pierluigi Paganini

(Security Affairs –  Authentication, Cognitive Fingerprints)