Behavioral biometrics is a relatively new form of authentication mechanism which relies on the way a person interacts with an authentication device. Traditional instances of this approach include voice, signature, and keystroke dynamics. Novel approaches to behavioral biometrics include biosignals, such as the electroencephalogram and the electrocardiogram. The biosignal approach to user authentication has been shown to produce equal error rates on par with more traditional behavioral biometric approaches. In addition, through a process similar to biofeedback, users can be trained with minimal effort to produce computer-based input via the manipulations of endogenous biosignal patterns. This chapter discusses the use of biosignal based biometrics, highlighting key studies and how this approach can be integrated into a multibiometric user authentication system.
TopIntroduction
Behavioral biometrics is an approach to user verification and/or identification based on the way a person interacts with the biometrics device. Some of the most prominent instantiations include keystroke dynamics, mouse dynamics, signature, voice, gait, and odor (Revett, 2008). In order to serve as a biometric, the input must not only be unique, but must be convenient, reliable, and difficult to replicate.
The uniqueness of behavioral biometrics refers to individual differences in the way people interact with the verification device. With respect to signature verification as an example – how unique are our signatures? In part, this depends on how closely one looks at a signature. A clerk in a shop may provide a quick glance when comparing a signature to that written on the back of a credit card. At the other extreme, an off-line signature verification system may extract several features including pen pressure or wavelet transform of a digitized version when comparing a signature to a reference exemplar (Coetzer et al., 2004). The question remains - are signatures sufficiently unique to provide unequivocal person authentication? The data suggests that error rates on the order of 5% or less - depending on the verification methodology employed (see Kholmatov, 2001 for a comprehensive discussion on this topic) are obtainable. Other behavioral biometrics produce similar error rates – though large variations have been published, depending on the exemplar matching approach employed, the quality of the data, and the features extracted (see Revett, 2008 for details).
Convenience in the context of biometrics is intimately related to familiarity in many respects – if we are used to entering a password/PIN, then this form of user verification in the stricter context of biometrics is not prohibitive. Typically, most behavioral based biometrics utilize familiar functions and hence convenience is not an issue. For instance, gait analysis can be performed in real-time – for example, while users are approaching a gate at an airport. In addition, convenience refers to the level of invasiveness of the biometric. One may consider a retinal scan as invasive – simply because we are not used to engaging in such activities – even though there is no inherent risk to the user. This sense of user acceptability/convenience is one of the key factors in the rapid deployment of behavioral based biometrics.