Skull echoes can be a password to protect facehugger computers

Ahh, biometrics. In the race to replace the password, that sadly inadequate Eeyore of the authentication world, is there any part of the body that hasn’t been poked at?

We’ve seen the rise (and fall… and fall again, via an even easier method) of fingerprints, iris recognition (which, like fingerprints, can be tricked with constructed copies), voices, faces, ears, your microbial entourage, and brainprints.

The latest biometric bit of the body to be tested for use in authentication: the skull.

Researchers at the Max Planck Institute for Informatics and the universities of Stuttgart and Saarland conducted a controlled study – with only 10 participants – of the way a sound bounces around a skull and reverberates back, using the bone conduction speaker and microphone integrated into an eyewear computer like Google Glass.

They’re calling the technology SkullConduct.

According to the team’s paper, each of us has a unique, and stable, frequency response when sound is conducted through our skulls.

The team sees a couple of potential applications for the authentication:

  1. Personalizing eyewear computers. We haven’t heard much on the Google Glass front since it was removed from the realm of the masses and plugged into Google’s Internet of Things department. But the researchers behind SkullConduct note that skull-hugging computers are increasingly being used for training in laboratories, medical documentation, educational purposes, or even during surgeries. In any of those areas, the devices may get swapped around regularly. When a device finds itself installed on a different skull, it could adapt accordingly, they said:

    As soon as a user puts on the device, SkullConduct can immediately identify the user and configure user-specific settings, such as preferred applications or system preferences.

  2. Protecting private content. The researchers note that current head huggers lack protection for the private information they store, which can include social media logins or bank account details. The researchers propose that user authentication could automatically be triggered after a new user puts on a device. What’s more, SkullConduct could be programmed to re-authenticate when specific applications are started, such as a banking application, to ensure that a given user has permission to access such an app.

The researchers claim to have identified users with 97% accuracy and authenticated them with an error rate of 6.9%. That makes SkullConduct worthy as a secure way to identify and authenticate an eyewear computer user, they said.

They note that SkullConduct was tested in a controlled environment, without any background noise. Such noise – which might include people talking in the background, or appliances – might reduce performance.

Weight gain or hair growth might also mess things up.

Image of Human Skull courtesy of