Sign In

Remember Me

Mandrake — Biometric ID from Touch Interfaces

mandrakeAccording to a senior fellow for Lockheed IT, the National Security Agency has tested the use of smartphone-swipe recognition technology dubbed Mandrake.

The NSA has developed a new technology, dubbed “Mandrake“, that can identify users from the way they swipe strokes and text on a smartphone screen. The news was reported by officials withLockheed Martin who helped design the technology.

According to John Mears, a senior fellow for Lockheed IT and Security Solutions, that Lockheed Martin has recently tested swipe recognition technology that allow the identification of smartphone users based on how they type on their mobile devices.

“The National Security Agency has tested the use of smartphone-swipe recognition technology, according to the tool’s manufacturer. The mobile device feature, created by Lockheed Martin, verifies a user’s identity based on the swiftness and shape of the individual’s finger strokes on a touch screen.reported by Nextgov.

Mobile Banking Apps

Mandrake is able to remotely analyze the curve, unique speed and acceleration of a person’s finger stroke across the touch screen of their smartphone, this information are unique for each individual as explained Mears.

Nobody else has the same strokes,” explained Mears. “People can forge your handwriting in two dimensions, but they couldn’t forge it in three or four dimensions.” “Three is the pressure you put in, also to the two dimensions on the paper. The fourth dimension is time. The most advanced handwriting-type authentication tracks you in four dimensions.“Officially, the NSA has developed the Mandrake technology for authentication purpose and it is already available to the Agency, but privacy advocates fear a possible use for surveillance activities.

“We’ve done work with the NSA with that for secure gesture authentication as a technique for using smartphones,” Mears said. “They are actually able to use it.”John Mears added that the Mandrake technology could be used for emergency responders who do not have the capability to access an incident command website.“If you are going 100 miles down the road, you are not going to enter a complex 12-character password to authenticate yourself,” he said. “We have some customers who deal with radioactive material and they can’t touch things” that small with gloves on — “How do they authenticate?”

Nextgov reported that Lockheed Martin was involved in other projects with the US Government that could represent a serious threat for people’s privacy, the news agency referred a project committed by the FBI for a $1 billion facial, fingerprint, palm print, retina scan and tattoo image biometric ID system. The FBI’s project, dubbed the Next Generation Identification system, could allow in a short future to identify a person from its voice and on how it walks.

###

Pierluigi Paganini is Chief Information Security Officer at Bit4Id, firm leader in identity management, member of the ENISA (European Union Agency for Network and Information Security)Treat Landscape Stakeholder Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at “Cyber Defense Magazine”, Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog “Security Affairs” recently named a Top National Security Resource for US. Pierluigi is a member of the “The Hacker News” team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books “The Deep Dark Web” and “Digital Virtual Currency and Bitcoin”.

 

[Editor’s note: see also http://www.connectidexpo.com/creo_files/expo2014-slides/connectID%20slides.pdf where the idea of using “swipe behavior” is previously reported.]