I’m afraid I tend to miss most news stories about passwords because I’ve long relied on 1Password and it’s given me no trouble. But I see that passwords are a concern for most people and I do recognise how feeble it is that our 21st-century lives are held together by words we incant. Or at least type. This may not last, though.
We do already have the Touch ID home button on Apple’s iPhones where it is your thumb print, verified, that unlocks the phone. Samsung has a similar thing, though that is a bit of a redundant sentence as if Apple does it, so does Samsung. A bit.
But there’s more this time:
…what if you could prove your identity without doing anything at all? That’s the idea behind Biocatch, a startup that’s observing people’s online behaviors and creating a unique signature for each account holder.
“Essentially, it’s a way to authenticate your mind by observing what you do and how you do it,” says Uri Rivner, Biocatch’s co-founder and vice president of cyber strategy.
To create its biometric “cognitive signature,” BioCatch analyzes as many as 450 physical parameters that describe a customers’ interaction with a computer, web browser, and mobile device.
For example, on a mobile device, it can use sensors like the accelerometer and gyroscope to measure whether someone has a hand tremor or, say, the level of pressure an individual typically applies when clicking a button. On a computer, it measures a person’s hand-eye coordination in using a mouse and precise ticks in how it’s dragged, as well as other browser habits like whether a person always opens new tabs or uses the keyboard to scroll or always corrects typos with a backspace.
No one of these factors by itself will identify any given individual, but by piling on hundreds of tests, within a few seconds of using the account, its algorithms can issue a score on the likelihood that the person logging on is the account holder (or one of several account users).
You can do some serious damage in a few seconds. I’m just saying. Read more.