JIJITANG2014-07-15 3:58 PM

WITH FACELOCK, NEVER FORGET YOUR PASSWORD AGAIN

A system based on face recognition could put an end to forgotten passwords or PIN numbers and offer a safer way to sign in to accounts.

Humans can recognize familiar faces across a wide range of images, even when their image quality is poor. In contrast, recognition of unfamiliar faces is tied to a specific image—so much so that different photos of the same unfamiliar face are often thought to be different people.

Rob Jenkins of the psychology department at the University of York is lead author of a paper that suggests the new system, called Facelock, exploits this psychological effect to create a new type of authentication system. The research is published in the open-access journal PeerJ.

Familiarity with a particular face determines a person’s ability to identify it across different photographs and as a result a set of faces that are known only to a single individual can be used to create a personalized “lock.”

Access is then granted to anyone who demonstrates recognition of the faces across images, and denied to anyone who does not.

HOW IT WORKS

To register with the system, users nominate a set of faces that are well known to them, but are not well known to other people. The researchers, who included Jane McLachlan and Karen Renaud at the University of Glasgow, found that it was surprisingly easy to generate faces that have this property.

For example, a favorite jazz trombonist, or a revered poker player are more than suitable—effectively one person’s idol is another person’s stranger. By combining faces from across a user’s domains of familiarity—say, music and sports—the researchers were able to create a set of faces that were known to that user only. To know all of those faces is then the key to Facelock.

The “lock” consists of a series of face grids and each grid is constructed so that one face is familiar to the user, while all other faces are unfamiliar. Authentication is a matter of simply touching the familiar face in each grid.

For the legitimate user, this is a trivial task, as the familiar face stands out from the others. However, a fraudster looking at the same grid hits a problem—none of the faces stand out.

HARD TO FAKE

Building authentication around familiarity has several advantages. Unlike password or PIN-based systems, a familiarity-based approach never requires users to commit anything to memory. Nor does it require them to name the faces in order to authenticate.

The only requirement is to indicate which face looks familiar. Research has shown that familiarity with a face is virtually impossible to lose and so this system is naturally robust. In the current study, users authenticated easily even after a one-year interval.

In contrast, disused passwords can be forgotten within days.

As well as being extremely durable, familiarity is hard to fake. This makes the system difficult for fraudsters to crack. In the current study, the researchers asked volunteer attackers to watch a successful authentication sequence based on four target faces, so that they could pick out the same four faces from similar test grids. These attacks could be defeated simply by using different photos of the same faces in the test grids.

For the user, who is familiar with the target faces, it is easy to recognize the faces across a range of images. For the attacker, who is unfamiliar with the target faces, generalizing across images is difficult.

“Pretending to know a face that you don’t know is like pretending to know a language that you don’t know—it just doesn’t work,” says Jenkins. “The only system that can reliably recognize faces is a human who is familiar with the faces concerned.”

The initial study combines the cognitive science of face perception and the computer science of secure authentication to work in sympathy with the strengths and limitations of human memory.

“We hope that software developers will now take this framework and turn it into a polished app, while other experts optimize the usability of the system,” Jenkins adds. “If those two things happen, you could see this system on your device in the next product cycle.”

Original Article: 
《Facelock: familiarity-based graphical authentication》, Published on Journal 《Peer J》in July 4, 2014. 

KEYWORDS

SHARE & LIKE

COMMENTS

ABOUT THE AUTHOR

JIJITANG

0 Following 3 Fans 0 Projects 310 Articles

SIMILAR ARTICLES

Changes to the Special Supplemental Nutrition Program for Women, Infants, and Children (WIC) have resulted in families eating more fruits and vegetable

Read More

In contests drawn from game theory, chimpanzee pairs consistently outperform humans in games that test memory and strategic thinking.A new study, condu

Read More

Publishing is one of the most ballyhooed metrics of scientific careers, and every researcher hates to have a gap in that part of his or her CV. Here’s

Read More

Pornography triggers brain activity in people with compulsive sexual behaviour -- known commonly as sex addiction -- similar to that triggered by drugs

Read More

In a recent survey, academic staff at the University identified the interrelated skills of writing and reasoning as the two most important skills for s

Read More

In a recent survey, academic staff at the University identified the interrelated skills of writing and reasoning as the two most important skills for s

Read More

Reading cautionary tales like The Boy Who Cried Wolf and Pinocchio to little kids might not be the best way to teach them to tell the truth.New researc

Read More

Those flat, glassy solar panels on your neighbor’s roof may be getting a more efficient makeover, thanks to a new class of solar-sensitive nanoparticle

Read More

Physicists have overcome a major challenge in the science of measurement using quantum mechanics. They’ve used multiple detectors to measure photons in

Read More

If you want to slow down long enough to smell the proverbial roses, you might want to move to a neighborhood with fewer drive-thru restaurants, researc

Read More