8 Alternatives to Selfie Authentication
How to definitively prove your identity? A variety of anatomical parts and functions may soon be able to vouch for you.
August 4, 2016
![](https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt285b9cc180545685/64f0db5d3a17de714e8a459e/01-self-authentic.jpg?width=700&auto=webp&quality=80&disable=upscale)
With MasterCard deciding to test the selfie as an authentication method for payments earlier this year, we cheered that the self-authentication conversation had moved beyond fingerprints and retinas. It's a welcome changeup that taps into facial recognition and also requires users to blink into a live camera to ensure it's not a photo of a selfie.
It also got us thinking about other common, readily access physiological features that would determine beyond a doubt, that's you.
So many candidates have come and gone in the last several years. Gait recognition, which collects data on how we walk, emerged post-9/11 for potential use in airports. Voice recognition remains in play, but has challenges with ambient noise, making it difficult to use in a shopping center, on the street or in an airport.
But the more we dug into this, the more we came to agree with noted security expert (and pop singer) John Mayer, that indeed, your body is a wonderland. Researchers and startups are using all kinds of body parts to uniquely and definitively identify us. We've highlighted some candidates here as well as a few that are, well, lighter in spirit.
In the meantime, once you're done closing your left eye and sticking out your tongue to pay down your credit card balance, check out our suggestions for futuristic authentication alternatives and let us know in the comments what we missed.
Researchers in Germany are working on something called SkullConduct, a method to identify individual users by how ultrasound waves bounce around inside their heads, creating patterns and sounds allegedly as unique as fingerprints. The headset could prove a little clunky at first, but researchers think the technology could eventually be incorporated into a smartphone, authenticating users as they pick up their phones and hold them to their heads. An interim step may something akin to Google Glass (a new version is reportedly under development), which already creates a connection between the wearer's head and the network.
What's more granular or individual than DNA profiling? The container of our genetic information is viewed by some as the ultimate biometric medium. While it has a lot to recommend it (like the chance that two individuals having the same DNA profile is less than one in 100 billion), its biggest downside is yielding results in real time, which could make signing into your email problematic. Reserved for forensic applications, it's not hard to foresee that bloodkits could be outfitted with a USB port or Bluetooth for instantaneous authentication. But apart from access to the nuclear launch codes, the vaults at Fort Knox, or the inner sanctum of the Pentagon, it's hard to imagine a widescale security requirement that would demand this much precision or un-spoofability.
This may be a step or two away from voice recognition, but stay with us here for a moment. Like all other audible emissions from the throat, your cough, hack, or gulp all have a particular frequency associated with them. And what a field day during cold and flu season, or when allergies are in full bloom! And VR software has gotten advanced enough that medical professionals have used it to detect certain types of pertussis. One quick clearing of throat, and you're on the network and into those Salesforce.com files, with a handkerchief, of course.
Don't forget to wash your hands.
Swiss scientists using a reconfigured breathalyzer have discovered a breathprint, which could be put into service to create individual profiles. But it would have to be a lot less cumbersome than the lady in the photo and you probably wouldn't want a law enforcement offering you a tube each time you needed to log into an app or protected file. Then again, the breathalyzer authenticator might help reduce this day-drinking problem we're hearing more about.
Some vendors are experimenting with vein pattern recognition technology, which varies enough that blood veins can authenticate users accurately with very few false positives. The technology is considered so good that a few banks are already using vein pattern recognition to authenticate users of ATMs. The readers themselves are said to be un-intrusive and easy to use, with obvious application in hospitality, education and government. Vein pattern vendors claim they're also working toward contact-less systems for fast and hygienic authentication of individuals, which should boost its appeal to the healthcare sector.
Existing selfie authentication methods direct users to blink, or to close one eye and stick out their tongue. We propose taking this to the next level of undeniable individuality by requesting users recreate the moment they can't say no when handed a container, typically from a passive-aggressive family member. Then, that face that's unique to each of us.
Authentication, solved forever.
Knee scans acquired with an MRI machine could be used to identify people and authenticate their identities as they move in a line, as they enter a building or even try to log in to their smartphones, according to researchers, whose early tests have a 93% accuracy rate. When coupled with possession of the correct ID (passport, driver license) or other biometrics data, that rate could go even higher. While contact lenses can be used to dupe iris recognition systems and passports can be forged, fooling a knee scanner would require complicated, invasive surgery, researchers said. MRIs don't have the same radiation health risks as x-rays, nor do they capture underclothing anatomy images made infamous by some airport scanners.
Conclusion: Great for crowds, probably not practical for individuals at desktops or users with tablets on the go.
Knee scans acquired with an MRI machine could be used to identify people and authenticate their identities as they move in a line, as they enter a building or even try to log in to their smartphones, according to researchers, whose early tests have a 93% accuracy rate. When coupled with possession of the correct ID (passport, driver license) or other biometrics data, that rate could go even higher. While contact lenses can be used to dupe iris recognition systems and passports can be forged, fooling a knee scanner would require complicated, invasive surgery, researchers said. MRIs don't have the same radiation health risks as x-rays, nor do they capture underclothing anatomy images made infamous by some airport scanners.
Conclusion: Great for crowds, probably not practical for individuals at desktops or users with tablets on the go.
With MasterCard deciding to test the selfie as an authentication method for payments earlier this year, we cheered that the self-authentication conversation had moved beyond fingerprints and retinas. It's a welcome changeup that taps into facial recognition and also requires users to blink into a live camera to ensure it's not a photo of a selfie.
It also got us thinking about other common, readily access physiological features that would determine beyond a doubt, that's you.
So many candidates have come and gone in the last several years. Gait recognition, which collects data on how we walk, emerged post-9/11 for potential use in airports. Voice recognition remains in play, but has challenges with ambient noise, making it difficult to use in a shopping center, on the street or in an airport.
But the more we dug into this, the more we came to agree with noted security expert (and pop singer) John Mayer, that indeed, your body is a wonderland. Researchers and startups are using all kinds of body parts to uniquely and definitively identify us. We've highlighted some candidates here as well as a few that are, well, lighter in spirit.
In the meantime, once you're done closing your left eye and sticking out your tongue to pay down your credit card balance, check out our suggestions for futuristic authentication alternatives and let us know in the comments what we missed.
About the Author(s)
You May Also Like
CISO Perspectives: How to make AI an Accelerator, Not a Blocker
August 20, 2024Securing Your Cloud Assets
August 27, 2024