Could Your Brain Waves Be Hacked?

Could Your Brain Waves Be Hacked?

This post is also available in: heעברית (Hebrew)

In light of numerous cyber attacks and security breaches, of which the attack on the American Office of Personnel Management (OPM) was perhaps the most prominent, computer engineers have been hard at work developing new ways to keep businesses and identities protected online. One of the latest innovations is a biometric brainprint, which engineers claim will provide unprecedented levels of data security. In a June 2015 study called “Brainprint” out of Binghamton University in New York, researchers demonstrated the viability of the brain to respond to certain words in place of traditional passwords.

For the study, 45 volunteers read a list of 75 acronyms and researchers recorded the brain’s reaction to each word. Within 94 percent accuracy, researchers found each person’s brain responds differently to such acronyms, making the case for brainwaves to be used as identity verification. According to the study, the appeal of brain biometrics is cybercriminals cannot simply steal a brain scan as they can a password or fingerprint.

The “Brainprint” study was performed by attaching three electrodes to each volunteer’s scalp – the minimum requirement to measure brain waves. This worked well for a focused study but the mainstream population can’t be expected to attach electrodes to their brains every time they want to shop online or access their bank accounts. Until engineers develop a more comfortable and convenient way to measure brain waves, consumers aren’t likely to make the switch from traditional passwords. To overcome this challenge, engineers need to start small and start in the enterprise. If, for example, they can protect sensitive government data, brainprints may eventually make their way to consumers as well.

Brainprints, unlike other biometric prints, are potentially “cancellable.” They can be reset by showing individuals a different set of acronyms or images to create a new, unique print and that cannot be stolen as easily as a fingerprint.

However, no security system is bulletproof and identifying new ways of protecting information may in fact create an equal but opposite reaction, meaning hackers could presumably take on any security system and find breaches in it. Therefore, engineers must think like a hacker when developing new security strategies to stay one step ahead of cybercriminals and prevent future data breaches.

Subscribe to our newsletter.