When you think about biometrics, futuristic movies like Minority Report or Gattaca might come to your mind. However, the use of biometrics for authentication purposes has been around for a long time but mostly after the 9/11 terrorist attacks. After that event the identification of citizens and travellers has become a priority on the international agenda and the use of biometrics has been widely adopted through the biometric passport or e-passport.
Biometrics allows human identification by their characteristics or traits. These characteristics might be either physical or behavioural. The facial, fingerprint and iris recognitions are the three methods more widely used since this biometric information is included on the e-passports. Therefore a lot of research has been done regarding these traits and most of the commercial systems are based on all or some of them.
However, there are many more traits that have been proved to contain enough unique information to be used for authentication for biometrics purpose, such as the voice, the gait, the EEG signal, the ECG signal, the ear shape, the pattern of veins on the finger, the retina, the password keystroke and others that are at an early stage of research such as body odor.
In the case of the EEG signal, the electrical activity measured on the scalp comes from the voltage fluctuations resulting from ionic current flows within the neurons of the brain. Taking into account that the brain has about 1011 neurons and about 1015 synapses it would be very unlikely that two brains are identical.
Here at Starlab we have developed a biometric system based on both the EEG and ECG signals recorded with the wireless Enobio sensor. It records the electrophysiological signals using just four electrodes: two of them placed at the forehead to record the EEG signal, another one on the wrist to record the ECG signal and finally one on the ear lobe which is used as reference for the other channels.
The performance of this biometric system is similar to other ones that use traits like the ones previously mentioned. The False Acceptance Rate (FAR) and the False Rejection Rate (FRR) are measures commonly used to characterize such a system. The FAR measures the percentage of imposter users that are treated as genuine so they can pass through the biometric system. On the other hand the FRR measures the probability that the system fails to detect a genuine user.
The ideal biometric system would have a 0% for both the FAR and the FRR considering the entire population. Up to now the analysis of a DNA sample would be the only system that would guarantee such a performance (excluding identical twins). However, for most of the use cases where a biometric system might be used, the cost and time for processing a sample is too high. So the approach to tend to systems with 0% error is the use of more than one trait to perform the authentication process, in other words, to make a multimodal system.
That approach was followed when designing our EEG-based Biometric system. We included the signal from ECG in order to improve its robustness so it combines the results obtained after analysing both the EEG and ECG signal using data fusion techniques. The multimodal system then leads to better results (in terms of FAR and FRR) than if the system only used either the EEG or the ECG signal.
We envision that an EEG-based biometric system is suitable for applications that already collect electrophysiological signals such as the EEG and the ECG and might need a continuous authentication of the user. Take as an example the scenario described in the Beaming project where a user interacts with a remote location by means of an avatar. In this scenario the electrophysiological signals are recorded to perform affective computing so those same signals would be used to perform a biometric authentication. By authenticating the user, the people interacting with the avatar on the remote location would be sure that the person controlling the avatar is who he/she claims to be.
In a future post I will explain how an EEG-based biometric system might be useful to protect against spoofing attacks. This issue has gained a lot of attention so far from the research community. The Tabula Rasa project is an example of it, but I’m afraid you’ll have to wait for the next post about biometrics to know a bit more about that…