The Google technology would rely on users’ unique facial ‘landmarks’ to unlock a mobile device
Google thinks that stuck-out tongues, wrinkled noses, frowns and funny faces can help future smartphone owners keep their phones more secure from intruders under a patent application the company filed on 4 June.
The facial recognition patent application is for a process that would recognise a user’s unique facial expressions, including a stuck-out tongue, a frown, a smile or even a wrinkled nose, to help authenticate someone so they can prevent their phone from being accessed by any other user.
The technology would match images and facial “landmarks” to help positively identify a user. The Google patent application was originally filed in June 2012 with the United States Patent and Trademark Office.
Of course, just because Google filed the patent application, it doesn’t mean that this kind of app will definitely appear for Android users. Several IT analysts, however, said the idea is intriguing.
“The need for new types of security in cellphone security is pretty significant, as most keyword-based passwords have high failure rates because they’re either too complicated to remember or too easy to hack, and with a device that portable and on the go – the need to create good security around devices is huge,” said Dan Maycock, a mobile analyst with Slalom Consulting, in an email response to an eWEEK inquiry. “However, fingerprint scanners have proven too cumbersome for phones in the past, so Google is taking a note from Microsoft’s playbook (they have touch gestures on a photo for a password) by trying different methods of authentication that create the ease of quick access with the durability of a hard-to-hack password.”
The patent application that calls for using facial expressions as a way to do that kind of authentication is a good idea, said Maycock.
“It will differentiate them in the enterprise space if it proves that it’s secure enough but also helps people who are less security conscious, such as small businesses and consumers, to become more secure as well. I imagine if it proves to be truly successful, Motorola [Mobility, which is owned by Google] might start incorporating this into their devices as well.”
Difficult to spoof?
A user authentication process using facial expressions rather than just facial recognition could be “harder to spoof but just depends on how much it pays attention to a particular face versus any face,” wrote Maycock.
“If it’s matching the individual’s face along with their gestures, then would a series of rapid photos or a video of someone doing the gestures spoof the phone? I think they have a long way to go before it is good enough.” At the same time, the idea could get some pushback from some users, said Maycock.
“I also think people will feel funny making faces into their phone, which is why I’m more inclined to say that it’s for less security conscious people and not so much for enterprises at this point – especially executives.”
Rob Enderle, principal of Enderle Group, told eWEEK that the idea of facial recognition and gestures isn’t new, but that by mixing the two could be a usable tool for improving mobile phone security.
“Facial recognition has been around for a while and gestures are part of Windows 8 authentication,” wrote Enderle. “However the problem with the first is that to get it to work so people can get into their phones, it isn’t very secure, and gestures are kind of awkward on a phone. Google is combining both into a facial tool where our face is one factor and what you do with it a second factor. Done right it promises the ease of access of facial and the increased security of gestures. Since this is gestures with your face there is some risk the patent won’t hold up but the idea is a good one.”
Enderle agrees that every user may not like the idea of making faces into their phone to be able to open it and use it.
“Granted, like all things Google, this will make people look rather geeky, foolish, or goofy when logging into their phones, which could make it difficult to get people to use it correctly. If everyone just smiles, it likely won’t be that much more secure than facial recognition alone, for instance.”
For Google, mobile security is an important issue because of its large Android user base. As of May 2013, Android has now been activated on 900 million mobile devices, up from 400 million one year ago, according to Google.
Are you a Google expert? Take our quiz!
Originally published on eWeek.