Ask the Expert

How can the combination of biometrics and electrophysiological signals be used for authentication?

I've heard a lot about biometrics and electrophysiological signals. How do they work? How old is this method? What are the pros and cons, error rates, and how does the cost weigh against other biometrics methods? What is the likelihood that this technology will eventually become a dominant form of biometric authentication?

Requires Free Membership to View

The biometrics device you mention, using electrophysiological signals, was developed by Aladdin Knowledge Systems, which first demonstrated a prototype at the RSA Conference in 2006.

This product, when publicly available, will be part of the vendor's eToken multifactor authentication suite. It works by measuring a user's cardiac signals, what it calls a biodynamic signature. The signature, like that of other less esoteric biometrics devices, is unique to every individual and is difficult to spoof. The technology was developed in conjunction with an Israeli biometrics firm, IDesia.

The device consists of a round USB token with two tiny finger pads. Upon first use, the user puts two fingers, one on each pad, onto the device, which registers the user's electrophysiological signal. When he or she wants to log onto the system later, they touch the token again with their two fingers. The person's signal is matched against the one stored in the system and, if identical, access is granted.

I actually saw a demonstration of the device at Aladdin's booth at the RSA Conference last year. It was impressive, but still in the prototype stage. Aladdin had planned to roll out the device to the public sometime this year.

Since it's still apparently in development, any comments on the product's cost, error rates and likelihood of dominating the biometrics market would be pure speculation. The technology and the device are simply too new to make judgments about. Yet it's certainly an interesting technology worth tracking.

For more information:

  • Learn about the risks associated with implementing biometric data and how to avoid them.
  • Security expert Joel Dubin examines how authentication credentials, such as biometric data, are in need of more protection from government regulations.
  • This was first published in October 2007