We
forget our highly secretive combinations, so we frequently have them reset and
sent to our cellphones and alternative email addresses. We come up with clever
jumbles of letters and words, only to mess up the order. We sit there on the
login screen, desperately punching in a code we should know by heart.
Despite
their inefficiencies, passwords are still the most common electronic
authentication systems, protecting everything from our bank accounts, laptops
and email to health information, utility bills and, of course, our Facebook
profiles. While fingerprint- and eye- and face-recognition authentication
technology is progressing, these biometric security systems haven't yet gone mainstream.
It
is found in a recent study that the user's experience could be the key to create
a system that doesn't rely on passwords.
"How
humans interact with biometric devices is critically important for their future
success," "This is the beginning of looking at biometric
authentication as a socio-technical system, where not only does it require that
it be efficient and accurate, but also something that people trust, accept and
don't get frustrated with."
A
new biometric authentication technique that identifies people based on their
eye movements has been developed. For instance, users simulated withdrawing
money from an ATM. The prototype -- an ATM-lookalike computer screen with
eye-tracking technology -- presented three separate types of authentication: a
standard four-number PIN, a target-based game that tracks a person's gaze, and
a reading exercise that follows how a user's eyes move past each word. With
each, researchers measured how long it took and how often the system had to
recalibrate.
Eye-tracking
technology uses infrared light and cameras. The light reflects off the surface
of the eyeball back to the camera when a user's eye is following a dot or words
on the computer screen. The tracking device picks up the unique way each
person's eye moves.
The
ATM scenario has been chosen because it's familiar to most people and many
machines already have a basic security camera installed.
The
goal of eye-tracking signatures is to enable inexpensive cameras instead of
specialized eye-tracking hardware. This system can be used by basically any
technology that has a camera, even a low-quality webcam.
But
when authentication failed, not recognizing the users during one trial made to
lose faith in the eye-tracking systems. The future eye-tracking technology
should give clear error messages or directions on how users should proceed if
they get off track.
The
researchers plan to look next at developing similar eye-tracking authentication
for other systems that use basic cameras such as desktop computers. A similar
design could be used to log in or gain access to a secure website.
Regards,
