Blinking patterns, brainwave measurements, your way of walking, keystroke dynamics, voice recognition, text style –are all examples of behavioural biometrics. Biometrics measure features of a person over time. Behavioural biometrics can enhance the security of user authentication and intrusion detection applications, often with very low impact on the system users.
As well as traditional authentication scenarios such as system login, they may also be used to monitor a system for intrusion (e.g. if an unauthorised user is using a workstation). What you will see in the next “Mission Impossible" or "Minority Report” movie with Tom Cruise may well be new methods of behavioural biometrics.
Some key findings of the recent ENISA briefing paper include:
- They are most useful when you are using more than one type of biometric at the same time, and as a complement to more robust methods
-Some behavioural biometrics, require specialised and sometimes highly obtrusive equipment which may be off-putting to users.
- Other behavioural biometrics offer a completely unobtrusive technique to identify or classify individuals.
-Such unobtrusiveness may be challenging from the point of view of collecting user consent, as required by law in many jurisdictions.
- Data collected by behavioural biometrics may be used for secondary purposes. This can involve the processing of highly sensitive data.
ENISA Briefings are short descriptions of emerging issues in security aimed at policy and decision makers. The purpose of this briefing is to give an introduction to the possibilities offered by behavioural biometrics, as well as their limitations and the main issues of disagreement between experts in the field.
For full briefing document.
Stay tuned - subscribe to RSS feeds of ENISA news itemshttp://www.enisa.europa.eu/media/news-items/news-wires/RSS