So much for good intentions. Scientists at the University of California and the University of Oxford in Geneva have devised a way to steal a user’s sensitive information
--account numbers, PIN numbers, etc.--via Emotiv’s off-the-shelf brain signal-reading technology.
The $300 Emotiv device works by sensing electrical signals in the brain and interpreting them as commands for a computer. But the researchers in this case were interested in another application that essentially boils down to mind-reading. Using the Emotiv, could they tap into signals that would reveal sensitive information?
Specifically they were monitoring for the P300 signal in their test subjects, a brain signal that is associated with recognition--a tip-off that a particular word or image is meaningful to the user. The researchers placed their Emotiv-clad subjects in front of monitors displaying a series of random images of banks, numeric keypads, PIN numbers, and various people, looking for P300 signals that showed a flicker of recognition. They found that over time they could reduce the randomness of the imagery and focus in on what the user found relevant. Slowly, they were able to zero in on the images--and numbers, and banks--most relevant to the subjects.
Of course, in order to execute this kind of fraud the user would have to be a willing participant. But should technologies like Emotiv’s interface proliferate, it would be easier and easier to perpetrate such a scheme. An unsuspecting user could be talked into playing “games” that result in their essentially being interrogated, the researchers say. And the information that the interrogators take off with would be nothing shy of the very information stored in a person’s memory.