Replacing Your Password with a Finger Swipe
Touching and finger-swiping are the dominant method of navigating on hundreds of millions of smartphones and tablet computers. The same touch might soon confirm your identity, too.
A new device dispatches a few bits of data, representing a password, from a special ring on your finger and sends the data as tiny voltage bursts through your skin for capture by the screen of the phone, so that your touch alone identifies you by the code from the ring.
Depending on the application, this could allow rapid switching between settings of people who share the same device, allow a game to distinguish between multiple players using the same screen, replace passwords, or provide an additional layer of protection atop passwords (see “Study Reveals a Confused View of Mobile Phone Privacy and Security”).
Currently a prototype at the Winlab of Rutgers University, the method “opens new directions in user interaction and authentication,” says Romit Roy Choudhury, a computer scientist at Duke University familiar with the research. “Imagine every electronic gadget knowing who you are and adapting to your preferences, or even offering you personalized information” simply by knowing your touch, he adds.
Project leader Marco Gruteser, a computer scientist at Winlab, says he hopes to commercialize it within two years. The benchtop device used in the research is clunky, but it will be easy to miniaturize, he says.
The ring, in addition to conveying the information through your skin, can work in other ways as well. It can be applied directly to a touch screen to convey password data faster, or to convey more data for a stronger password.
The technology consists of a battery-powered ring with flash memory that holds a code, and a signal generator that transmits the code as tiny voltage spikes. Touch screens-—already designed to detect voltage changes from fingers touching and moving across the screen—pick up those spikes, and software on the phone reads them as password-like data.
There are other ways for a device to confirm who a user is: biometric-based approaches represent one class. The appeal of the Winlab approach is that so many devices use swiping already, whereas few commercial devices have retina-readers or finger-scanners (Motorola’s Atrix, one exception, includes a fingerprint sensor). A device that would use a voiceprint (see “Securing Your Voice”) to identify its user, meanwhile, would require the owner to speak out loud.
A finger-swipe is not only discreet and specific, Gruteser says, it’s something people are already doing. “The key to figuring out who is using a device is to understand who is touching the screen, and that is what our technology can do,” he adds.
Of course, you now have to remember one more thing in the morning—to wear your ring (or whatever other form the token takes). And second, anybody who gets hold of your ring could use it to gain access to your device or settings until you reset the code your device is looking for.
At present, only a few bits of data per second can be transmitted quickly and accurately via such a ring. The equivalent of a pin code takes around two seconds for the ring to transmit, but Gruteser expects to speed that up by a factor of 10 by modifying touch-screen firmware in phones.
Keep Reading
Most Popular
Scientists are finding signals of long covid in blood. They could lead to new treatments.
Faults in a certain part of the immune system might be at the root of some long covid cases, new research suggests.
Large language models can do jaw-dropping things. But nobody knows exactly why.
And that's a problem. Figuring it out is one of the biggest scientific puzzles of our time and a crucial step towards controlling more powerful future models.
OpenAI teases an amazing new generative video model called Sora
The firm is sharing Sora with a small group of safety testers but the rest of us will have to wait to learn more.
Google’s Gemini is now in everything. Here’s how you can try it out.
Gmail, Docs, and more will now come with Gemini baked in. But Europeans will have to wait before they can download the app.
Stay connected
Get the latest updates from
MIT Technology Review
Discover special offers, top stories, upcoming events, and more.