Memories: The Next Step in Biometric Authentication?

Share it on Twitter  
Share it on Facebook  
Share it on Linked in  

We loved the second paragraph of a press release from startup Cogneto that crossed our desk recently. We've seen many -- too many -- releases over the years, but this is the first that claimed anything as grand as being able to identify "online users based on their unique memories and life experiences."


We thought back to being unable to mount the parallel bars in the fourth grade and wondered whether this was more or less likely to get us into our online bank account quickly. (If so, it was worth it.)


Snide flashbacks aside, we realized that what the company is trying to do is intriguing and a potentially important step as the security industry tries to come up with the best approach to two-factor authentication. Clearly, passwords are the prime authentication factor in such scenarios. Fingerprints most often are the second factor, though some companies are looking at iris scans, so to speak.


Second factors usually are biometric. The advantage is that biometrics deal with something that is unique and unchangeable about the user. The importance of the Cogneto announcement -- in addition to amusing us -- is its use of advanced techniques to peer into the state of mind of the person seeking authorization.


A meaningful memory, according to the company, will impact the way the person manipulates the mouse and otherwise interacts with the network. The data from the reaction is analyzed and, at least theoretically, reveals whether the person typing is who they say they are. This, we suppose, is akin to how a lie detector works.


This clearly has a significant impact for mobile users. Laptops, which continue to disappear at an alarming rate, increasingly carry sensitive data and are often set up for easy access to corporate databases. It's important to make sure the right person is using them. Cutting edge biometrics offers a potent tool to do this.


What's particularly interesting about Cogneto's product is that it signals the evolution of biometrics from the purely physical -- such as a fingerprint -- to something that is a combination of physical and non-physical. That's kind of funny, a bit scary -- and potentially very useful.