DARPA moves ahead with Active Authentication (AA) to secure computers without passwords

ARLINGTON, Va., 20 Feb. 2013. Government researchers are looking into software approaches for securing military computer systems with advanced biometrics rather than user passwords in ways that focus on the unique aspects of the individual.

Information technology (IT) experts at the U.S. Defense Advanced Research Projects Agency (DARPA) in Arlington, Va., released a broad agency announcement (DARPA-BAA-13-16) for the second phase of the Active Authentication (AA) program, which seeks to expand biometrics research to validate an individual’s identity without interrupting what the person is doing.

Biometrics refers to a collection of characteristics that can recognize humans through their physical or behavioral traits. A human processes information in a unique way, and when he interacts with computers, he leaves behind what DARPA scientists call a “cognitive fingerprint.”

The current way to validate a user’s identity to gain access to secure computers requires humans to do something that is inherently difficult: create, remember, and manage long, complex passwords, DARPA officials explain.

After gaining access to secure computers, today's typical systems have no way to verify that the original user originally is the user still in control of the keyboard. The DARPA AA program seeks to develop ways of validating a user's identity using a device that focuses on the person's unique aspects.

The program focuses on two areas: first on the user's computational behavioral traits; and second on developing an application called a biometric platform that can integrate all biometrics available on one device to validate the user's identify -- whether the biometrics collected are behavioral, cognitive, or physical.

This solicitation concerns the AA program's second phase. The first phase, covered in a solicitation released early last year, focused on those using a standard military desktop or laptop computer.

Related stories

-- DARPA seeks to blend biometrics with passwords in DOD cyber security without new hardware

-- Are we taking Cybersecurity seriously? Congress shoots down bill

-- Military biometrics sensors and database technology to be provided by Northrop Grumman and IntegenX.

This second phase focuses not only on users of military desktop and laptop computers, but also on those using mobile devices like smart phones and tablet computers.

The future third phase of the DARPA AA program will develop more biometric security systems for desktop and laptop computers and mobile devices; develop biometric platforms for mobile environments; and moving the desktop application to an operational partner.

Companies interested should respond no later than 2 April 2013. Upload unclassified proposals to the DARPA/I2O Solicitation Submission System at Submit classified or secret proposals by authorized courier, or by U.S. Postal Service registered or express mail to Defense Advanced Research Projects Agency, ATTN: I2O BAA Coordinator, Reference: DARPA-BAA-13-16, 675 North Randolph St., Arlington, VA 22203-2114.

Email questions or concerns to DARPA's Richard, the AA program manager, at

More information is online at

To access this Article, go to: