Welcome to NeuroLock Discussions! · Jortboy3000 NeuroLock · Discussion #1

These are actually some brilliant questions; I hope to add this to the FAQs (eventually lol).

- Is EEG signal unique for every individual?

Yes for sure. IF it is combined with a mix of mental tasks or conditions, it is very well unique to the individual. I took into account a few research papers that have experience in the accuracy of identifying individuals using EEGs to visual stimuli. https://ieeexplore.ieee.org/document/4060941

- How stable is a user’s “brainprint” over time—hours, days, weeks—given EEG’s non-stationarity?

You're 100% on the money: because EEGs are non-stationary it could take up to 7 days (maybe longer?) to make a blueprint, but interesting thought: "The relative power in the alpha band during eyes-closed resting-state EEG is consistent within individuals across sessions, suggesting potential utility for biometric identification and state monitoring, despite EEG’s inherent non-stationarity." - Ashby, C., Bhatia, A., & Tenore, F. V. (2011). Low-cost EEG-based authentication using motor imagery. IEEE EMBC.

So ideally we would use adaptive enrollment and multi-session modeling at this stage, but I mean if funding were available we very well could look at MAML; this would allow us to go from days to just a session to gain authentication to the 90th percentile.

- How do you handle intra-subject variability (fatigue, stress, electrode placement)?

Mhmm... I've been hitting my head against a wall on this, then a knife, then the endless amount of research papers, so I'll firstly direct this to a few and then roll back to what we believe is the best method/s or the method/s we would use.

“The wavelet packet parameters of EEG … change significantly … long-term mental arithmetic task induces mental fatigue … SVM algorithm can effectively differentiate two mental fatigue states, which achieves the maximum classification accuracy (91%)”
https://sciendo.com/article/10.2478/v10013-010-0007-7

Spatial filtering and trial averaging are proven to reduce variance from noise and artifacts; CSP (Common Spatial Patterns) enhances signal-to-noise ratios by emphasising relevant spatial features in classification problems.
https://eeglab.org/tutorials/06_RejectArtifacts/

“Robust averaging is used to mitigate the effects of outliers in the data. Trial rejection procedures, based on amplitude thresholds or variance criteria—are standard preprocessing steps to remove contaminated epochs and enhance the stability of evoked response measures.”
SPM Manual: EEG Artifact Detection and Rejection, Wellcome Trust Centre for Neuroimaging, UCL
https://www.fil.ion.ucl.ac.uk/spm/docs/manual/meeg_artefact/meeg_artefact/

So a few things we would do are artifact rejection (e.g., EOG filtering), multi-trial averaging to smooth transient fluctuations, and then real-time guidance to help users repeat the same state (e.g., "relax for 5 seconds").

- Are there any regulatory or privacy hurdles?

Numerous hurdles, I mean NNNUUMMMEERROOUUUSS hurdles. We are based in Australia, and under Australia’s Privacy Act, EEG data is classified as sensitive information.

So we would need to comply with Australian Privacy Principles (APPs), I believe it is exactly the same for the other countries.

So what we must do here at NeuroLock:

- Local-only signal processing (no raw EEG leaves the device).
- Biometric templates are encrypted, not linked to identifiable names.
- No health inferences or diagnostics, only verification vectors.
- Explicit user consent before enrollment and use.
- Store templates in secure hardware enclaves (e.g. TPM on mobile devices).

- What are the FAR/FRR targets?

FAR : < 1%
FRR : < 5%

NeuroLock targets a False Acceptance Rate of under 1% and False Rejection Rate of under 5%, aligning with top EEG biometric benchmarks that report Equal Error Rates (EER) as low as 1.96% using task-specific or resting-state signals (Kavitha & Vinod, 2017; Maiorana & Campisi, 2018). These targets are supported by multi-session template updates, CSP filtering, and adaptive thresholding to maintain usability without compromising security.

Given the current state of technology, our first goal here at NeuroLock is to treat EEG as a supporting factor, not sole auth, as first steps toward full auth.

- What if a brainprint is stolen or replicated?

This is a concern for sure. Unlike a password, which can be changed when needed or if compromised, this doesn't exactly have the same luxury, because it's tied to you psychologically and cognitively. I'd claim it would be near impossible to 'reset' (for lack of a better term).

So I guess there are 2 questions: if a brainprint is leaked, can the user re-secure their identity, and could someone mimic or replay your brainwave signature to impersonate you?

So I'll answer these first. It's very unlikely, but nothing is ever impossible, for someone to mimic or replay your brainprint; that would mean they would need the exact mental task, the user’s mental state (not sleepy, stressed, etc.) and the same hardware setup, electrode positions, and signal noise levels. No existing system can precisely replicate brainwave signals across time, even for the original user, let alone the hacker.

Now what if it is stolen or leaked? When a user performs a mental task, like closing their eyes and relaxing, NeuroLock captures a short burst of EEG data, creating a unique brainprint. To secure it, NeuroLock adds a randomly generated salt, which acts like a secret code, to that brainprint. It then combines the two and runs them through a cryptographic hash function (like SHA-256), turning them into a unique, scrambled template that can’t be reversed. Even if someone somehow got access to your brainprint from one session, it would be completely useless without the matching salt. And because a new salt is used each time, the final result is always different, even if you repeat the exact same mental task.

- How do you prove you’re not capturing unrelated EEG info?

Great question, this is exactly the study that happened in 2022: a study titled “Cancellable Template Design for Privacy-Preserving EEG‑based Authentication Systems” (Wang, Wang & Hu, 2022) tackles the exact problem of revoking compromised EEG templates: “Existing research has used hash functions and cryptographic schemes to protect EEG data, but they do not provide functions for revoking compromised templates … We propose the first cancellable EEG template design … which can protect raw EEG signals containing sensitive privacy information (e.g., identity, health and cognitive status).”

To actually prevent a leak, firstly, we would never store raw EEG. Instead, it generates a non-invertible embedding, which means the original signal can’t be reconstructed.

“Homomorphic encryption allows one to perform computations on encrypted data, without ever decrypting it. This enables users to perform operations in untrusted environments.”
Privacy-Preserving Biometric Matching Using Homomorphic Encryption

We also want to limit the number of electrodes we use: it uses only 2–4 frontal EEG channels, avoiding areas associated with deeper medical or diagnostic information. Templates are built purely for identity verification, not cognitive or health analysis. Until we obviously decide to branch into EEG Silent Comms (for another day).

Thank you for all the awesome questions, it was very nice to get the brain flowing with thought!
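
An added example (not part of the original post and not NeuroLock code) for the FAR/FRR targets answered above: it sweeps the accept threshold over constructed match scores and shows how session drift, the non-stationarity raised earlier, can leave no threshold that meets both targets. The integer score scale, the sample scores and all function names are assumptions.

```python
# Constructed data: match scores are integers 0..1000 (higher = closer match);
# a probe is accepted when score >= threshold. Not real EEG results.
IMPOSTOR = [200 + 2 * i for i in range(200)]   # other people: 200..598
GENUINE = [590 + 4 * i for i in range(100)]    # same user: 590..986
DRIFTED = [s - 40 for s in GENUINE]            # same user after session drift

FAR_TARGET = 0.01   # from the post: FAR < 1%
FRR_TARGET = 0.05   # from the post: FRR < 5%


def far_frr(genuine, impostor, threshold):
    """FAR = impostors accepted / impostors; FRR = genuine rejected / genuine."""
    far = sum(s >= threshold for s in impostor) / len(impostor)
    frr = sum(s < threshold for s in genuine) / len(genuine)
    return far, frr


def feasible_thresholds(genuine, impostor):
    """All thresholds that satisfy both targets at once (may be empty)."""
    ok = []
    for t in range(0, 1001):
        far, frr = far_frr(genuine, impostor, t)
        if far < FAR_TARGET and frr < FRR_TARGET:
            ok.append(t)
    return ok


def frr_at_far_target(genuine, impostor):
    """Lowest threshold that holds FAR under target, and the FRR it costs."""
    for t in range(0, 1001):
        far, frr = far_frr(genuine, impostor, t)
        if far < FAR_TARGET:
            return t, frr
    return None


if __name__ == "__main__":
    for name, scores in (("enrolled", GENUINE), ("drifted", DRIFTED)):
        window = feasible_thresholds(scores, IMPOSTOR)
        t, frr = frr_at_far_target(scores, IMPOSTOR)
        print(f"{name}: feasible={window[:1]}..{window[-1:]} "
              f"FRR at FAR<1% (t={t}) = {frr:.0%}")
```

On this constructed data the usable threshold window disappears once genuine scores drift down by 40 points, which is the situation template updates and adaptive thresholding are meant to track.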
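
An added sketch (not part of the original post and not NeuroLock code) of the salted SHA-256 template described in the stolen-brainprint answer, showing that re-enrolling with a fresh salt yields a different template that replaces a leaked one. It assumes the brainprint is first reduced to a coarsely quantised feature vector so repeat sessions hash identically; the step size, feature values and function names are constructed for illustration.

```python
import hashlib
import hmac
import secrets

STEP = 0.25  # assumed quantisation step for features scaled to [0, 1)


def quantise(features):
    """Map each feature to a coarse bin so small session noise is absorbed."""
    return bytes(int(f / STEP) for f in features)


def enroll(features):
    """Return (salt, template); a fresh random salt is drawn per enrollment."""
    salt = secrets.token_bytes(16)
    template = hashlib.sha256(salt + quantise(features)).digest()
    return salt, template


def verify(features, salt, template):
    """Recompute the salted hash for a probe and compare in constant time."""
    probe = hashlib.sha256(salt + quantise(features)).digest()
    return hmac.compare_digest(probe, template)


# Constructed feature vectors (not real EEG), e.g. relative band powers.
USER_ENROLL = [0.62, 0.13, 0.30, 0.88]
USER_LATER = [0.60, 0.15, 0.33, 0.91]   # same user, small drift, same bins
OTHER_USER = [0.20, 0.55, 0.30, 0.88]   # different bins in two features


def demo():
    salt1, tmpl1 = enroll(USER_ENROLL)
    salt2, tmpl2 = enroll(USER_ENROLL)   # re-enrollment after a leak
    return {
        "same_user_ok": verify(USER_LATER, salt1, tmpl1),
        "other_user_ok": verify(OTHER_USER, salt1, tmpl1),
        "templates_differ": tmpl1 != tmpl2,
        "old_salt_vs_new_template": verify(USER_ENROLL, salt1, tmpl2),
    }


if __name__ == "__main__":
    print(demo())
```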