Biometrics on the Blockchain
October 9th, 2019
Physiology can help other security firms take advantage of the fact that we are living beings. We possess very useful signals that we can tap, like the heartbeat, respiration and voice. Those signatures could be trained faster than the biometrics based on motions, as they are non-context-dependent and, in my experience, contain more information per unit time. They’re also very hard to hack or imitate.
In the future biometrics will be used extensively for identity management. Biometric authentication is already closely tied to the concept of identity since some biometrics can uniquely identify you within a given set of users (e.g., employees or citizens). In this context, identity is the means by which you make “claims” to rights, membership, and ownership of property or data.
When all of our human data and biometrics are stored in the cloud, there are serious concerns about AI impersonating us to gain entry into our homes, devices or personal data. The reality of this could be a lot closer than we think — which makes the need to secure blockchain critical to its success as a security solution.
Blockchain lacks assurances at both ends of the chain, which prevents it from being fully trustable. What we see today is an alarming number of fraudulent crypto-related schemes raising concerns around the legitimacy of the blockchain industry. For example, a Finnish investor reportedly lost $35 million worth of bitcoin to scammers. A Deloitte leader recently said that their clients have expressed concerns about initial coin offerings (ICOs).
No matter how smart and no matter how well-coded a know-it-all future AI bot may be, it will never be alive. It will never have a heartbeat. Physiology may be the only measurable frontier between bots and humans. The brain, heart and voice could be both authenticators and encryptors — we could be uniquely recognized and yet not reveal our true identity. Linking pseudonymous biometrics with physiology could close the loop by providing the missing half of the Web 3.0.
From our perspective in the space and our understanding of physiology, many possibilities exist for fellow innovators to capitalize on this opportunity. For example, a voice signal combined with respiration could provide a lot of information about our vocal cords, body shapes and speaking volumes; it could have the density to be used as an encryption key at the same time. Heartbeat — a slower measure — could provide information about the electronics of the heart muscle. This information, which I see as different from what the EKG measures, could potentially reflect the neuro-anatomy of the heart muscle. Likewise, any muscle and its activity are connected with the nerve system, which could provide further opportunities for new biometric security solutions. Physiological methods of identification like these could generate all the key pairs needed to navigate the future of IoT and blockchain. The IoT — by its sheer scale — will likely need many more keys for all those interactions, and the human body possesses the needed entropy for this task. Innovators can find ways to use this physiology for security and enable a user-centric instead of a machine-centric IoT.
By combining biometrics and the blockchain, tech leaders can create solutions to keep a user’s identity inside a secure distributed ledger system, achieving complete human control.