Forget Face ID: a collaboration between the Defense Department and a NY-based company called TWOSENSE.AI, has birthed an artificial intelligence algorithm that could be embedded in smartphones and will be able to identify the device owner by the way they talk, type, walk and even by how “they spend their free time”.
TWOSENSE.AI is working with the Department of Defense to build a SaaS product that could eventually replace access cards currently used to verify the identities of DOD employees when logging onto the department’s networks.
The AI constantly monitors the user’s behavior, including how they carry the device, type on it and even walk. The system then automatically verifies the user’s identity using these parameters, enabling them to work seamlessly on their secure network without having to login each time.
Similar to privacy-stripping developments in China, the system updates a “trust score” as it tracks these metrics, based on the algorithm’s level of confidence that the correct person is using the device. Jeremy Corey, chief of the Defense Information Systems Agency’s Cyber Innovation Division said in May: “The score is checked to ensure it meets the desired threshold. This threshold is predetermined by the organization we are piloting our prototype with. This could be configured by the application owner, so long as it is within the authorizing official’s accepted level of risk.”
The $2.4 million contract was awarded in October through the Army’s other transaction authority, which allows certain agencies to sign contracts for advanced research outside of the scope of the Federal Acquisition Regulation. 75 prototypes were supposed to have already been delivered last year for testing, according to a technical director at DISA. After testing, the technology will be embedded in certain smartphones at the manufacturing level before being acquired by the DOD. We’re guessing this excludes Huawei from becoming a potential partner on the project.
Dr. Dawud Gordon, CEO of TWOSENSE.AI said: “Both DISA and TWOSENSE.AI believe that continuous authentication is the cornerstone of securing identity. Behavior-based authentication is invisible to the user, therefore it can be used continuously without creating any extra work.”
The project is reportedly working through “existing partnerships” between DISA, Qualcomm and Samsung.