Single Trial Authentication with Mental Password Writing Sarah N. Abdulkader ( ✉ ) , Ayman Atia, and Mostafa-Sami M. Mostafa HCI-LAB, Department of Computer Science, Faculty of Computers and Information-Helwan University, Cairo, Egypt nabil.sarah@gmail.com, ayman@hci.fci.helwan.edu.eg, mostafa.sami@fci.helwan.edu.eg Abstract. This paper presents an authentication system that uses brain waves as a biometric discriminant trait. It utilizes Electroencephalogram (EEG) signals generated from mental writing of the user-owned password. Inde‐ pendent Component Analysis (ICA) and baseline correction has been used for preprocessing and noise removal. The effect of two types of features, multi‐ variate autoregressive (MVAR) model parameters and power spectral density (PSD) features, have been studied for this activity. Performance results based on single trial analysis have revealed that imagined password writing can reach average Half Total Error Rate (HTER) of 5 % for PSD features vs 3 % obtained with MVAR coefficients. The experiments have shown that mental password writing can be used for increasing the user acceptance for enrollment condi‐ tions while maintaining high performance results. Keywords: EEG · BCI verification · Biometric authentication · Mental writing 1 Introduction Technological revolution that characterizes this era has brought a lot of facilities and comfort to different aspects of human lives. It allows fast information exchange in the form of rapid mail delivery systems, distant communication and overseas transactions. These advantages come at the expense of increasing vulnerability of data secrecy. They cause the growing need for advanced authentication mechanisms. Approving or declining the claimed identity of the user is the responsibility of these mechanisms. There are three fundamental techniques used in authentication mechanisms, which are knowledge based, object based, and biometrics based authentication as stated in [1]. Knowledge based authentication requires the owning of some information exclusive to the user. It includes passwords and personal identification numbers. Different kinds of attacks can take this technique down like shoulder surfing and user carelessness. Some of the weakness associated with passwords can be overcome with object based authen‐ tication. In this technique, user possesses physical objects which are given for later identity confirmation as cards or tokens. They cannot be shared with the same freedom as exchanging the passwords. However, this category can still be broken with card-theft. Biometrics based authentication, which is concerned with the measurement of phys‐ ical characteristics or personal traits, fights the stealing vulnerability associated with the © Springer International Publishing Switzerland 2015 T. Tryfonas and I. Askoxylakis (Eds.): HAS 2015, LNCS 9190, pp. 3–12, 2015. DOI: 10.1007/978-3-319-20376-8_1