April 28, 2015 By Douglas Bonderud 2 min read

Passwords are passe; fingerprints are falling out of fashion. Enter Bodyprint, a new effort from Yahoo’s Research Labs, which looks to transform users into walking, talking, smartphone-using passwords. Anything from ears to knuckles to the barest edge of fingertips can be used to unlock mobile devices. Biometrics are taking the security world by storm, with patent applications for biometric technologies up from 46 just 10 years ago to 567 last year. Is Yahoo’s new offering the first wave of the future?

The Ears Have It

As reported by The Hacker News, this new biometric technology is looking to toss out fingerprints and traditional passwords in favor of a system that supports users’ natural habits. Have an incoming call? Bodyprint uses an ear impression to grant access. Want to encrypt sensitive documents? It’s possible to use knuckles, a set of five fingers around screen edges or the palm of a hand.

What’s more, it doesn’t require any extra technology, relying on a smartphone’s own capacitive touch screen rather than specialized fingerprint sensors. Because displays have lower resolution, bigger images are necessary for authentication, which is part of the reason scanned body parts must be much larger than fingerprints.

In its first public foray at the 2015 Computer Human Interaction conference in Seoul, South Korea, the application correctly identified bodyprints and their owners 99.98 percent of the time, but the Yahoo team has plans for more testing and algorithm improvement before it takes the product mainstream.

Private and Public

The evolution of biometric technologies raises a number of ethical questions concerning mandatory use and government oversight, but as noted by David Cowan of Bessemer Venture Partners, there is also a problem with theft.

“Once your fingerprint is stolen, it’s stolen forever, and you’re stuck,” he said.

The same goes for the shape of an ear, knuckle dimples or any other user characteristic. Fingerprint scanners are regularly duped by fake prints days after they debut in app stores. Does the rise of large-scale biometrics point to the emergence of a market where ear scans and palm prints are exchanged for big money?

Meanwhile, CBR predicts biometrics will be inextricably linked to the Internet of Things. This is already happening due to wearable fitness monitors and the development of a “human sat nav” at the University of Hanover, which helps direct users with the help of tiny electrical jolts. Bodyprint and similar initiatives offer a way to gate this type of access in a way that’s intuitive but still secure, and without the ability to “forget” or “lose” necessary access keys.

It’s no surprise nonfingerprint alternatives for smartphone security are cropping up, and so far, the technology looks promising. However, long-term success depends on both overall software accuracy and the readiness of users to embrace this type of person-to-password revolution.

Image Source: iStock

More from

What does resilience in the cyber world look like in 2025 and beyond?

6 min read -  Back in 2021, we ran a series called “A Journey in Organizational Resilience.” These issues of this series remain applicable today and, in many cases, are more important than ever, given the rapid changes of the last few years. But the term "resilience" can be difficult to define, and when we define it, we may limit its scope, missing the big picture.In the age of generative artificial intelligence (gen AI), the prevalence of breach data from infostealers and the near-constant…

Airplane cybersecurity: Past, present, future

4 min read - With most aviation processes now digitized, airlines and the aviation industry as a whole must prioritize cybersecurity. If a cyber criminal launches an attack that affects a system involved in aviation — either an airline’s system or a third-party vendor — the entire process, from safety to passenger comfort, may be impacted.To improve security in the aviation industry, the FAA recently proposed new rules to tighten cybersecurity on airplanes. These rules would “protect the equipment, systems and networks of transport…

Protecting your digital assets from non-human identity attacks

4 min read - Untethered data accessibility and workflow automation are now foundational elements of most digital infrastructures. With the right applications and protocols in place, businesses no longer need to feel restricted by their lack of manpower or technical capabilities — machines are now filling those gaps.The use of non-human identities (NHIs) to power business-critical applications — especially those used in cloud computing environments or when facilitating service-to-service connections — has opened the doors for seamless operational efficiency. Unfortunately, these doors aren’t the…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today