New research adds to concern surrounding the security of brain-interface devices that Facebook and Elon Musk’s Neuralink are developing.
In a recent study, University of Alabama at Birmingham professor Nitesh Saxena demonstrated how brain waves can give away sensitive data like PINs and passwords.
Brainwave-sensing headsets, like the Epoc+, are the first among what will soon be a crowded market of devices interacting directly with human grey matter. The headsets monitor electrical currents in the brain, called electroencephalography, or EEG.
The same technique is used in VR headsets and sold as controllers for video, Technology Review reports. EEG is also used in research and medical settings for controlling robots or bionic limbs.
Saxena explored a scenario where someone wearing the Epoc+ headset, made by Emotiv, signed into their bank account during a break from gaming. By monitoring his brain waves during this activity, a simulated malicious software was able to randomly generate a series of possible matches until the right one worked. Far from perfect, the software narrowed down the odds of picking a four-digit pin to 1-in-20 and a six-letter password to 1-in-500.
That’s still too close for cybersecurity comfort.
Watch another Emotiv headset in action on NFL quarterback Paxton Lynch below.
This article was featured in the InsideHook newsletter. Sign up now.