Biometric technology was once the stuff of sci-fi—how many movies show someone having their hand or eye scanned to get entry into a secured facility? But today biometric tech can be found in millions of people's pockets—as the fingerprint scanner on an iPhone.

Of course, fingerprint scanning isn't foolproof. Hackers have stolen fingerprints from photos, and used fake prints to fool Apple's touch ID. Plus, there’s always the brute force method, like the time a gang in Malaysia cut off a guy's fingertip—with a machete—to interface with the fingerprint-recognition system on the victim's Mercedes.

But there's a lesser-known biometric,that might be a bit harder to counterfeit: brainwaves. "In the biometric textbook table of contents, often the brain biometrics were listed as ‘Esoteric Biometrics.’ So I guess people have thought about it for many years, but it's been considered sort of esoteric." Sarah Laszlo, a psychologist at Binghamton University, part of the State University of New York.

To test the potential of brainwave biometrics, Laszlo and her colleagues attached electrodes to the scalps of 45 volunteers. They then recorded an electroencephalogram, or EEG—a reading of the brain's electrical activity—as the subjects watched acronyms flash on a computer screen. Turns out that each acronym—FBI, DVD, VCR—sets off a unique pattern of activation in your brain, which corresponds to an electrical signature. And each person has slightly different so-called "brainprints." Different enough that computers were able to uniquely identify the study volunteers by their brainwaves 94 percent of the time. That effect held up when the subjects were retested six months later. The results are in the journal Neurocomputing. [Blair C. Armstrong et al, Brainprint: Assessing the uniqueness, collectability, and permanence of a novel method for ERP biometrics]

Of course 94 percent accuracy won't cut it at the NSA. "I was told by a researcher at a secure cyberspace conference in January that there's something called the rule of 5s. Which means you need 99.99999—five nines, the rule of five—to be used as a practical biometric."

But Laszlo and her colleagues are trying out new ideas for upping the test's accuracy. Like showing "pictures of polarizing celebrities, like Kim Kardashian or Kanye West. And also images of foods that some people tend to really like and some people tend to really stay away from, things like sushi." The idea being that polarizing images might elicit more specific brainprints.

As for blackmail? "A brainprint, unlike a fingerprint or a retinal scan, is something that would be immune to sort of a gun-to-the-head or blackmail sort of situation. Brain activity changes if you're stressed. That's very well known. And you can cut someone's finger off. But you can't cut someone's brain out. You can't do it." Future spies will simply have to find a way to replicate the brainwaves of their foes themselves. And, actually, one of Laszlo's students is already studying how to do just that.

—Christopher Intagliata

[The above text is a transcript of this podcast.]