GCN LAB IMPRESSIONS
Magic log-in ring lets you use finger swipes for passwords
The touch screens on smart phones and tablet devices are, depending upon who you talk to, either the most awesome interface ever or a plague upon fat-fingered phone owners. Although some have trouble getting used to manipulating it, those who have mastered it can do some pretty amazing things on a touchscreen. But no matter your skill level, one thing the screen can’t do is uniquely identify you with a single touch.
A capacitive touch screen, which is the one used in practically all of our devices, is a transparent conductor that coats the inside of the glass display panel. When another electrical conductor, such as a human finger, touches the outside of the glass, the screen’s electrostatic field gets distorted, and the computer knows where the screen was touched.
DARPA: Dump passwords for always-on biometrics
Devices now are smart enough to respond to multiple simultaneous touch points, but reading something as fine as a fingerprint is more than a touchscreen is currently capable of doing. And for some reason most commercial tablet and smart phone manufacturers still do not include biometric fingerprint scanners.
The Wireless Information Network Laboratory (WINLAB) at Rutgers University has developed a prototype token device that will function as a workaround to this limitation. This device, which was demonstrated in the form a ring, is worn on the user’s hand. It sends out electronic pulses that can be decoded as a password through your hand, so when you swipe your finger the password can be input automatically.
Or to be more dramatic, you can touch the ring directly to the screen -- magical phrase optional.
Credit: WINLAB, Rutgers University
Right now it is definitely still in the research stage. Sending the equivalent of a password as simple as a PIN took about two seconds in the demonstration. Researchers say that this process can be sped up by a factor of 10 with some firmware modifications in touchscreen devices.
Of course, the one down side to this technology is that users will have to remember to take the ring with them and to put it on when using their devices. And of course the whole scheme could be defeated by stealing the token device along with the smart phone or tablet.
But it seems a step in the right direction toward reliable automatic user identification for mobile devices, especially if it eventually leads to a way to authenticate without the ring. As government agencies make greater use of mobile devices, anything that can help shore up user authentication is worth keeping a finger on.