Performance and Usability Evaluation of Brainwave Authentication Techniques with Consumer Devices

Brainwaves have demonstrated to be unique enough across individuals to be useful as biometrics. They also provide promising advantages over traditional means of authentication, such as resistance to external observability, revocability, and intrinsic liveness detection. However, most of the research so far has been conducted with expensive, bulky, medical-grade helmets, which offer limited applicability for everyday usage. With the aim to bring brainwave authentication and its benefits closer to real world deployment, we investigate brain biometrics with consumer devices. We conduct a comprehensive measurement experiment and user study that compare five authentication tasks on a user sample up to 10 times larger than those from previous studies, introducing three novel techniques based on cognitive semantic processing. Furthermore, we apply our analysis on high-quality open brainwave data obtained with a medical-grade headset, to assess the differences. We investigate both the performance, security, and usability of the different options and use this evidence to elicit design and research recommendations. Our results show that it is possible to achieve Equal Error Rates as low as 7.2% (a reduction between 68–72% with respect to existing approaches) based on brain responses to images with current inexpensive technology. We show that the common practice of testing authentication systems only with known attacker data is unrealistic and may lead to overly optimistic evaluations. With regard to adoption, users call for simpler devices, faster authentication, and better privacy.