Bye-bye keys, hello heart rate?
Google has just announced that its Project Abacus, launched a year ago, will be available for Android developers by the end of the year. The project, which some have dubbed “creepy” involves replacing passwords with a collection of data based on user behavior, including how somebody types of walks, their location, voice characteristics and facial recognition, on which an accumulative trust score is built that works as authentication.
In practice, the project is basically about continuous biometrics, constant monitoring through sensors that establish if we are who we say we are. The idea is to eliminate the need for passwords, identification numbers or other approaches that so far have proved to be neither particularly effective and that can become burdensome when repeated over and over each time we use a device.
Combining these kinds of projects and technologies with electronic payment methods creates scenarios that while still a long way from being ready for daily use, offer tremendous potential. The progressive sensorization of more and more devices converts somebody’s identity into a collection of data generated by certain behaviors, meaning we can relax some requirements if we are reasonably confident that identification has been carried out by other means. For example, fingerprint identification is not that secure, given that our prints are probably already all over the device in question, but aside from making it harder for another person to try to impersonate us, raising a series of other challenges.
The fingerprint sensor on a smartphone, for example, requires a sufficient degree of precision so as to identify a print the clarity of which can be affected by different circumstances. This involves fine tuning: too much and we may find that we are unable to open our own device.
Which is why there is a backup in the form of a PIN. But we’ll probably end up disconnecting the fingerprint recognition system if we find that we are regularly having to use the PIN because of problems with it.
With biometrics, these kinds of problems are avoided: it’s not about identifying somebody on how they walk, by their facial features, their location, their voice, or even their heart rate, but by a combination of these factors, in the same way that device fingerprinting works: if you are somewhere like your home or your office, then the precision with which the other identification requirements match can be relaxed, or if the combination of other factors add up to a positive ID, then other data probably won’t be needed.
The paradox is clear: in today’s world, objects such as keys no longer make much sense, and there are any number of other alternatives that would make them redundant (and in my case would mean I no longer have to worry about where I left them)… but keys are still the way that 99 percent of us to open doors. It’s the same when it comes to unblocking devices: greasy hands can prevent prints being read properly, and somebody can look over our shoulder when we tap in our numbers, but it’s the way most of us go about opening our smartphone or tablet. At the end of the day, all we’re looking to do here is find a reasonable balance between security and comfort, bearing in mind that there are now more and more variables we can use.
Are we ready for our devices to recognize us from our biometric data? Is this something we find disturbing, or are we prepared to open up in this way to make life easier?
(En español, aquí)
