The US military is working on replacing passwords with “cognitive fingerprints.” These rely on stylometrics, which is an analysis of how language is used by individuals. Each person has a different stylometric profile of how they type and word-process, which can be more personally identifying than simple biometrics.
The identity verification system is being developed thanks to a multimillion-dollar grant to the West Point military academy. The system will use a person’s behavior to confirm identity, by recognizing the way a person types—frequent typos, how the mouse or cursor is used, typing speed and so on.
"Just as when you touch something with your finger you leave behind a fingerprint, when you interact with technology you do so in a pattern based on how your mind processes information, leaving behind a 'cognitive fingerprint',” explained a contract document seen by Sky News and reported by Yahoo! Finance.
It added, "The biometrics program is creating a next generation biometric capability built from multiple stylometric/behavioral modalities using standard Department of Defense computer hardware."
The system will be used for encrypted data communications across all of its services, and is part of the Defense Advanced Research Projects Agency (DARPA) active authentication program. But consumer applications for the technology could be myriad, particularly when it comes to e-commerce, online banking and the internet of things ecosystem.
“The current standard method for validating a user’s identity for authentication on an information system requires humans to do something that is inherently unnatural: create, remember, and manage long, complex passwords,” DARPA said. “Moreover, as long as the session remains active, typical systems incorporate no mechanisms to verify that the user originally authenticated is the user still in control of the keyboard. Thus unauthorized individuals may improperly obtain extended access to information system resources if a password is compromised or if a user does not exercise adequate vigilance after initially authenticating at the console.”