recommended reading

NSA Tests Out Smartphones that Recognize Handwriting Motion

Gajus/Shutterstock.com

The National Security Agency has tested the use of smartphone-swipe recognition technology, according to the tool’s manufacturer.

The mobile device feature, created by Lockheed Martin, verifies a user's identity based on the swiftness and shape of the individual’s finger strokes on a touch screen. The technology is but one incarnation of handwriting-motion recognition, sometimes called "dynamic signature" biometrics, that has roots in the Air Force. 

"Nobody else has the same strokes," said John Mears, senior fellow for Lockheed IT and Security Solutions. "People can forge your handwriting in two dimensions, but they couldn't forge it in three or four dimensions. Three is the pressure you put in, in addition to the two dimensions on the paper. The fourth dimension is time. The most advanced handwriting-type authentication tracks you in four dimensions."

The biometric factors measured by Lockheed's technology, dubbed "Mandrake," are speed, acceleration and the curve of an individual’s strokes. 

"We've done work with the NSA with that for secure gesture authentication as a technique for using smartphones," Mears said. "They are actually able to use it."

Nextgov has contacted NSA for comment.

Lockheed officials said they do not know how or if the agency has operationally deployed the Mandrake smartphone doodling-recognition tool. The company also is the architect of the FBI's recently completed $1 billion facial, fingerprint, palm print, retina scan and tattoo image biometric ID system. That project, called the Next Generation Identification system, could tie in voice and "gait matching" (how a person walks) in the future, the bureau has said.

Mandrake potentially might be useful for emergency responders who often do not have the time or capability to access an incident command website, Mears said.

"If you are going 100 miles down the road, you are not going to enter a complex 12-character password to authenticate yourself,” he said. “We have some customers who deal with radioactive material and they can't touch things" that small with gloves on -- "How do they authenticate?"

In 1978, the Air Force and contractor MITRE published some early test results on handwriting-motion ID verification. The use case back then involved gaining entry to restricted facilities, not locked-down smartphone apps. 

As part of a project to develop external physical security systems for the Pentagon, the Air Force acquired an "automatic handwriting verification system," according to a research abstract. The technique required two forms of identification.

"An individual desiring access into a controlled area arrives at the entry control point" and types in a 4-digit ID number "through a keyboard," the paper states. Then, the system prompts the user to further prove identity through handwriting. It matches the individual's scribbling in real time against a pre-enrolled “pressure versus time history of a signature,” the study states.  

Experiments were performed in a laboratory and in a weapons storage area at Pease Air Force Base in New Hampshire. Interestingly, the error rate was higher for females than for males. But, in general, it was determined the results should not be affected by "the sex or the handedness" of the person. At that time, the technology was too embryonic to operate under real world conditions, the research said.

Today, in retail, handwriting-gesture recognition is sometimes used to enhance customer service, by allowing sales staff to authorize sensitive transactions wherever convenient. 

For example, in 2012, Asian life insurance company AIA started using a Kofax-brand app on tablet computers that captures the image, speed and acceleration of a person’s strokes with a stylus. 

Broadly speaking, however, gesture recognition has not found its sweet spot in the ID management sector.

A 10-year biometrics market forecast released earlier this month by research firm Tractica found that the technology was not lucrative in any of the 194 countries analyzed.

"Research on signature dynamics . . . has been ongoing for nearly 50 years, but still there is no viable use case, and it was never mentioned during any of the interviews conducted for this report," the study concluded.​

(Image via Gajus/ Shutterstock.com)

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
 
 

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

  • It’s Time for the Federal Government to Embrace Wireless and Mobility

    The United States has turned a corner on the adoption of mobile phones, tablets and other smart devices, outpacing traditional desktop and laptop sales by a wide margin. This issue brief discusses the state of wireless and mobility in federal government and outlines why now is the time to embrace these technologies in government.

    View
  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

    View
  • A New Security Architecture for Federal Networks

    Federal government networks are under constant attack, and the number of those attacks is increasing. This issue brief discusses today's threats and a new model for the future.

    View
  • Going Agile:Revolutionizing Federal Digital Services Delivery

    Here’s one indication that times have changed: Harriet Tubman is going to be the next face of the twenty dollar bill. Another sign of change? The way in which the federal government arrived at that decision.

    View
  • Software-Defined Networking

    So many demands are being placed on federal information technology networks, which must handle vast amounts of data, accommodate voice and video, and cope with a multitude of highly connected devices while keeping government information secure from cyber threats. This issue brief discusses the state of SDN in the federal government and the path forward.

    View
  • The New IP: Moving Government Agencies Toward the Network of The Future

    Federal IT managers are looking to modernize legacy network infrastructures that are taxed by growing demands from mobile devices, video, vast amounts of data, and more. This issue brief discusses the federal government network landscape, as well as market, financial force drivers for network modernization.

    View

When you download a report, your information may be shared with the underwriters of that document.